macOS Mojave’s privacy controls are found in the Privacy tab of the Security & Privacy pane in System Preferences, and in one command tool, tccutil.
There are three different sets of behaviours, depending on the type of protection.
- Location Services – your location
- Contacts – the contents of ~/Library/Application Support/AddressBook
- Calendars – the contents of ~/Library/Calendars
- Reminders – often bundled with Calendars, sometimes considered separately
- Photos – .photoslibrary files in ~/Pictures
- Camera – access to the built-in camera
- Microphone – access to the built-in microphone.
You cannot add items to these manually. If you use an app which needs access to any of them, it should prompt you with a dialog inviting your consent. Only if you give your consent will that app be added to that list. Once added, you can disable its access to that private data by unchecking the checkbox next to it. You cannot remove the item from that list except by using tccutil.
- Accessibility – includes access to Automator’s Watch Me Do recording and playback of user actions
- Full Disk Access – access to the whole disk, within the limits of normal permissions.
Apps cannot normally add themselves to these lists, although Apple’s apps can add items to Accessibility but not enable them. You can add apps, command tools and other items as you wish, to grant access to those protection categories. To add an app, click on the + tool at the foot of the list, select the app in the dialog, and click Open.
Adding items embedded within an app is best done using drag and drop: in a Finder window, locate the item, if necessary using Command-Shift-. to show hidden items, or by opening an app’s bundle using the Finder’s contextual menu, and drag and drop it into the list.
Once added, you can temporarily disable its access to that private data by unchecking the checkbox next to it. You can also remove that item from the list by selecting it within the list and clicking on the – tool at its foot. Once removed, you can always add that item back in the normal way, as this is not a permanent ban.
In addition to the Contacts, Calendars, Reminders, and Photos data controlled by specific classes and listed above, Full Disk Access also gives access to:
- Mail – the contents of ~/Library/Mail
- Messages – the contents of ~/Library/Messages
- Safari browsing history – the contents of ~/Library/Safari
- Cookies – the contents of ~/Library/Cookies
- iTunes backups (when present)
- Time Machine backups – your whole backup folder
- Miscellaneous – the contents of ~/Library/HomeKit, ~/Library/IdentityServices, ~/Library/Metadata/CoreSpotlight, ~/Library/PersonalizationPortrait, and ~/Library/Suggestions, most of which are new to Mojave.
- Automation – the ability of one app to control the behaviour of another using AppleEvents, AppleScript, and similar.
This lists pairs of items: the first is the app which controls the second. You cannot add pairs to this manually. If you use an app which needs to control another app, it should prompt you with a dialog inviting your consent. Only if you give your consent will that pair be added to that list. Once added, you can disable control over specific apps by unchecking the checkbox next to the controlled app. You cannot remove the pair from that list except by using tccutil.
Analytics and Advertising cover other aspects of privacy protection.
tccutil can only clear apps currently given access to certain classes of protected data. It cannot be used to add or enable apps in those classes. It is used in one of two forms:
tccutil reset service
clears all current settings for the named service, or
tccutil reset service bundleID
clears the bundle identified by bundleID, e.g. co.eclecticlight.myApp, from the named service.
Named services currently include:
Accessibility, AddressBook, AppleEvents (for Automation), Calendar, Camera, Microphone, Photos, Reminders, All.
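An added example, not from the original article: a small shell wrapper that translates a Privacy list name into the tccutil service name listed above, checks the bundle ID, and builds the matching tccutil reset command. The function names, the TCC_APPLY variable and the Contacts-to-AddressBook mapping are assumptions of this example; it only prints the command unless TCC_APPLY=1 is set.

```shell
#!/bin/sh
# Added example (not the article's code): build "tccutil reset" commands from
# the list names shown in the Privacy tab. Dry run unless TCC_APPLY=1.

# Map a Privacy list name to a tccutil service name from the article's list.
# Contacts -> AddressBook is an assumption based on the folder it protects.
# Lists with no named service (e.g. Full Disk Access) return 1.
tcc_service() {
    case "$1" in
        Accessibility|Camera|Microphone|Photos|Reminders|All) echo "$1" ;;
        Contacts)   echo AddressBook ;;
        Calendars)  echo Calendar ;;
        Automation) echo AppleEvents ;;
        *) return 1 ;;
    esac
}

# Accept only reverse-DNS style identifiers such as co.eclecticlight.myApp,
# so stray shell metacharacters or empty labels never reach tccutil.
valid_bundle_id() {
    case "$1" in
        ""|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# tcc_reset LIST [BUNDLE_ID]
# Without BUNDLE_ID this clears every app in the service, so check the output
# of the dry run before setting TCC_APPLY=1.
tcc_reset() {
    svc=$(tcc_service "$1") || { echo "no tccutil service for '$1'" >&2; return 2; }
    if [ $# -ge 2 ]; then
        valid_bundle_id "$2" || { echo "bad bundle ID '$2'" >&2; return 3; }
        set -- tccutil reset "$svc" "$2"
    else
        set -- tccutil reset "$svc"
    fi
    if [ "${TCC_APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Run directly: sh tcc_reset.sh Automation co.eclecticlight.myApp
if [ $# -gt 0 ]; then tcc_reset "$@"; fi
```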