Privacy & Security Settings Don’t Show Intent-Based Access
Thus, access to a protected folder by user intent, such as through the Open and Save Panel, changes the sandboxing applied to the caller by removing its constraint to that specific protected folder. As the sandboxing isn’t controlled by or reflected in Privacy & Security settings, that allows TCC, in Files & Folders, to continue showing access restrictions that aren’t applied because the sandbox isn’t applied.
[…]
It’s possible for an app to have unrestricted access to one or more protected folders while its listing in Files & Folders shows it being blocked from access, or for it to have no entry at all in that list.
[…]
Most concerning is the apparent permanence of the access granted, requiring an arcane command in Terminal and a restart in order to reset the app’s privacy settings.
I was aware that access could be granted in this way, but I think I assumed that it only lasted until the app quit. Oakley says that it actually persists until you run tccutil reset All and restart. (I guess the specific TCC identifier is undocumented; clearly it’s not SystemPolicyDocumentsFolder.)
I generally have the opposite problem, with access not lasting as long as expected:
- I keep getting prompts to allow the same apps to access my Documents folder. I’m not resetting anything, but TCC seems to keep forgetting that I’ve granted access.
- Sandboxed apps try to save access to certain folders using security-scoped bookmarks, which keep breaking and needing to be refreshed.
Previously:
- Sploitlight
- TCC and Gatekeeper Bypasses
- Reporting a Full Disk Access Bug to Apple
- Persistent File Access via com.apple.macl Xattr
- Resetting TCC
- Terminal and Full Disk Access
- Sandbox Doesn’t Protect Files From stat()
