Two common problems with log: all the censored contents, which can make them meaningless, and the sheer number of entries. How to use logging preferences to tackle them.
privacy
Introduced in Catalina to enable ‘privacy by user intent’, these contain header-UUID pairs, with the UUID identifying the app granted access. But UUIDs change with every restart, so can’t be used to track access prior to the current session.
How can Privacy & Security show that access by an app to a protected folder is disabled, yet the app can still access that folder? With additional details of privacy controls over storage locations.
Seven different locations examined to see how privacy protection is applied to them, including control over writing files, and listing folder contents. Some surprises too, and a new version of Insent.
One of the requirements of App Store apps is that they run in a sandbox. What does mean, and how does it affect the app? And why does privacy protection also use a sandbox?
How to gain access to the contents of privacy-protected folders even though Privacy & Security settings say that access is denied.
How are folder protections implemented? How do settings for Full Disk Access interact with those in Files & Folders for specific protected locations? And how does this involve making screenshots?
How TCC gets to authorise whether apps can obtain listings and open files in protected folders. The attribution chain and its effect on command tools.
Privacy protected folders are widely misunderstood and users end up giving apps Full Disk Access unnecessarily. Concepts are explained and experienced using a simple app, Insent.
How to remove all the privacy redactions, and reveal network diagnostics including the URLs connected to by your Mac.
The Eclectic Light Company 