I was curious if a non-sandboxed app (i.e. from an Unidentified Developer) can actually do anything malicious if the user does not grant any permissions to it (like Full drive access, Access to documents, etc)?
For example, can an un-sandboxed app potentially access data in sandboxed apps? Seems highly unlikely but there is absolutely no documentation on this.
Thanks!