![]() The first reason is that there’s an oddity about the way macOS treats requests to access these areas. This “hardening” of user data in Mojave 10.14 is certainly a good idea given, for example, the recent revelations of Apple App Store apps abusing browsing history, but whether this will have much impact on bad actors seems doubtful for a couple of reasons. This process of discovery, we suspect, is going to produce a lot of IT Support Desk calls from frustrated users. Once added and relaunched, the chosen app will then have permission to access all users’ protected folders on that Mac, just as they have on High Sierra and earlier versions of macOS. Users will have to discover for themselves that the workflow for accessing these folders is to go into System Preferences and manually add the app that they want to provide access for to the list of apps allowed in the Full Disk Access category in the Security & Privacy pane: ![]() Interestingly, there’s no user feedback here to explain either the lack of access or how to deal with it. Note that users can browse into these folders without restriction through the Finder, but trying to do so through other applications is blocked by default. These include Mail, Messages, Cookies, Suggestions and Safari. ![]() ![]() However, on Mojave, we see that certain folders in the user’s own Library are off limits: The simple AppleScript command choose file presents us with an open file dialog from which to pick files for use in a script. We can use Script Editor as an example of how the new protections are supposed to work. Many of these features are designed to stop Apple Events – the technology that underlies AppleScript, osascript, JXA (JavaScript for Automation), Automator, and a great deal of other interapplication communication – from accessing user data without explicit authorisation. ![]() As we noted here, 10.14 ushers in a raft of new security-related features that will change the way many people interact with the Mac operating system. One of the signature features of Apple’s macOS Mojave is user safety. With Mojave’s security hardening, any local or remote user can bypass Apple’s new Full Disk Access requirement using ssh. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |