I submitted a bug report for this, but posting here as well hoping for some answers.
There is a regression in macOS 11 in which TCC automatically denies privacy access by default when an executable is run from the lldb debugger, if the executable needs privacy access for folders like Desktop.
Expected behavior:
This is reproducible in a simple C++ executable - attached to this question is the contents of a makefile that generates an executable and starts it in the debugger:
The relevant entries in the unified system log for TCC say stuff like " Refusing authorization [...] without NSDesktopFolderUsageDescription key". This indicates that access is being automatically denied because there is no key. However, this is an executable, not an app bundle, and it therefore does not have an Info.plist file. In addition, this issue did not occur in 10.15, and I don't see any release notes that mention something changing.
There is a regression in macOS 11 in which TCC automatically denies privacy access by default when an executable is run from the lldb debugger, if the executable needs privacy access for folders like Desktop.
Expected behavior:
In macOS 10.15, building an executable that lives in the Desktop folder and running it in the debugger causes a privacy dialog to appear, prompting for access to the Desktop folder
This is expected because hash is regenerated with every build
However, in macOS 11, the behavior has changed - instead of a privacy dialog appearing, no dialog appears, and privacy access is immediately denied by default. When run from the Desktop, the executable fails to run with the error “file system sandbox blocked open()”. However, if the executable is compiled and run from the /tmp directory, the executable runs normally without error, although we don’t get a privacy dialog like we do in macOS 10.15.
This is reproducible in a simple C++ executable - attached to this question is the contents of a makefile that generates an executable and starts it in the debugger:
The relevant entries in the unified system log for TCC say stuff like " Refusing authorization [...] without NSDesktopFolderUsageDescription key". This indicates that access is being automatically denied because there is no key. However, this is an executable, not an app bundle, and it therefore does not have an Info.plist file. In addition, this issue did not occur in 10.15, and I don't see any release notes that mention something changing.
