How can Privacy & Security show that access by an app to a protected folder is disabled, yet the app can still access that folder? With additional details of privacy controls over storage locations.
TCC
Seven different locations examined to see how privacy protection is applied to them, including control over writing files, and listing folder contents. Some surprises too, and a new version of Insent.
How to gain access to the contents of privacy-protected folders even though Privacy & Security settings say that access is denied.
How are folder protections implemented? How do settings for Full Disk Access interact with those in Files & Folders for specific protected locations? And how does this involve making screenshots?
How TCC gets to authorise whether apps can obtain listings and open files in protected folders. The attribution chain and its effect on command tools.
Privacy protected folders are widely misunderstood and users end up giving apps Full Disk Access unnecessarily. Concepts are explained and experienced using a simple app, Insent.
Which problem-solving techniques are still available in macOS Tahoe? While Intel Macs still have a few, Apple silicon Macs don’t have many left.
Deconfusing the term permissions from security controls and privacy protection. While permissions are set in a file’s attributes, privacy is controlled through elaborate rules.
XProtect, XProtect Remediator, XProtect Behaviour Service, kernel extension excludes, incompatible apps, and some historical remnants, including a database that’s downloaded then vanishes.
Overview of how different subsystems work together during launching a notarized app, from LaunchServices to checking WritingTools and AI availability.
The Eclectic Light Company 