PermissionScanner 1.5 can now perform shallower scans

I’m very grateful for the many comments which you’ve made recently about my free utility to check permissions, PermissionScanner. Rather than respond to them piecemeal, this article explains what’s possible and what’s not, and provides a new version which hopefully addresses at least some of the issues you’ve raised.

It’s very important to remember what PermissionScanner is trying to do: to alert the user to files, particularly Property Lists containing preference and other settings, which apps and other software expect not only to be able to read, but to write too. One common reason for software failing to do what it needs with such files is that their permissions prevent it, and that’s how Apple got into advising users of how to go about correcting permissions on files in the user’s Home folder.

What PermissionScanner does is to perform a thorough or ‘deep’ search through any of five set locations. This is ‘deep’ in the sense that it looks in every folder and sub-folder that it can find, and keeps burrowing down until there are only files to check. For each file that it finds, it checks whether the current user is able to read or write to that file. Although it normally also checks symbolic links, it doesn’t resolve those, nor does it follow them into a linked folder and examine its contents as well (something I had previously misunderstood).

From several comments, some users have folders they want to check in which there are many broken symbolic links, and in previous versions of PermissionScanner this has resulted in very long lists of non-writable or non-readable files. It’s a moot point as to whether such problems should be reported here, as broken symbolic links could be the cause of problems themselves. To accommodate this as well as possible, this new version of PermissionScanner now has a Shallow option, which eliminates checks on any symbolic links found. In testing here, it reduces the number of items listed as not being writable in the Home Library option from 3984 out of 1,330,843, to 129 out of 1,309,333.

permscan1502

Opinion is divided on whether ~/Documents should be included at all, or whether it should be another option. While some apps may still store settings and similar files in ~/Documents, in Catalina that is a bad choice because of its new privacy protection. The five options offered by PermissionScanner cover:

~/Library/Preferences, the most important and relevant folder.
~/Library/Preferences, together with ~/Library/Containers, ~/Library/Group Containers, and any preference files elsewhere in ~/Library, which casts the net as wide as practical.
the whole of ~/Library, which includes ~/Library/Application Support, and custom folders.
the whole of your Home folder at ~, which includes ~/Documents and other folders as well.
/Library/Preferences, a smaller but important folder which Apple doesn’t include in its recommendations, but which can cause problems.

In the context of the primary functions of PermissionScanner, I think that selection covers what is required, and goes above and beyond. If you want to check preference files without those confined to ~/Library/Containers or ~/Library/Group Containers, then the first of those is ideal. If you want to check all preference files, the second should be perfect. If you want include other app support and custom folders, then the third is the only wise choice.

PermissionScanner doesn’t formally check Unix permissions on the items that it examines. What it does is ask the file system whether, as the current user, that item is readable or writable, according to the option set by the user. In terms of the app’s functions, that is the only question necessary, as it alerts the user to the potential problem, so that they can inspect that file’s permissions and flags to determine what needs to be corrected, if anything.

PermissionScanner version 1.5 is now available from here: permscan15
from Downloads above, from its Product Page, and through its auto-update mechanism. I hope that it addresses your needs better, and look forward to your further comments.

5Comments

Add yours

1

John Gilbert on February 21, 2020 at 10:40 am

I like the “shallow” tick box. I now have just one unreadable file in all of ~. I certainly have a more manageable unwritable list into which it is worth putting some effort to check for potential problems and weirdness. My only quibble is that the name “shallow” is not very intuitive. “Skip links” might convey its meaning better, but might not be strictly correct.

Weirdness: What is “orpsurum” as in /Library/Preferencs/.orpsurum?

LikeLiked by 1 person
- 2
  
  lestertwice on February 21, 2020 at 3:50 pm
  
  Did you install Murus Pro? Read orpsurum backwards from the end.
  
  LikeLiked by 1 person
  - 3
    
    hoakley on February 21, 2020 at 4:08 pm
    
    Thank you: I was wondering why that was written there five years ago!
    Howard.
    
    LikeLiked by 1 person
- 4
  
  hoakley on February 21, 2020 at 4:13 pm
  
  Thank you.
  You’ve quite cheered me up, as I feared that this was all going horribly wrong.
  I thought about ‘shallow’ quite carefully. The trouble with referring to links or aliases is that they’re even more confusing!
  Howard.
  
  LikeLike
5

John Gilbert on February 21, 2020 at 10:52 pm

lestertwice, Murus Pro of course. And there was me checking a Latin dictionary!

Howard, Your recent posts about permissions and resetting them have got me to realise that PermissionScanner is a handy tool to have around. And stay with “shallow”. Being not obvious will encourage reading of the help file – I am a believer in rtfm.

LikeLiked by 1 person

Share this:

Like this:

Related