How are folder protections implemented? How do settings for Full Disk Access interact with those in Files & Folders for specific protected locations? And how does this involve making screenshots?
privacy
How TCC gets to authorise whether apps can obtain listings and open files in protected folders. The attribution chain and its effect on command tools.
Privacy protected folders are widely misunderstood and users end up giving apps Full Disk Access unnecessarily. Concepts are explained and experienced using a simple app, Insent.
How to remove all the privacy redactions, and reveal network diagnostics including the URLs connected to by your Mac.
Local network privacy protection, introduced in macOS Sequoia, doesn’t use TCC as most others do, but sets up a packet filter in Network Extension. Here are details.
Although Sequoia and Tahoe have restrictions on what can connect to local network addresses, most everyday features are exempted. This explains what you need to know in case you come across one of its privacy prompts.
Why do so many files now have quarantine and other extended attributes, although they’re not apps, and may never have left that Mac?
Deconfusing the term permissions from security controls and privacy protection. While permissions are set in a file’s attributes, privacy is controlled through elaborate rules.
The four types of log entry, all the fields they can contain, and those they are likely to include, shown in the order and colour scheme used in LogUI. Censorship and how to disable it, with a signed profile to do so.
Four eras: rebuilding the Desktop, repairing permissions, resetting Home permissions, and most recently cursing privacy protection. A cynical history?
The Eclectic Light Company 