Privileged Helper tool not getting access to write to disk

I have an application that uses a PrivilegedHelper to read/write external disks (eg. backup or restore SD cards).

This has been working great and reliable in Mojave.

In Catalina (10.15, 19A573A) this no longer works and produces the error:


Sandbox: (2301) System Policy: deny(1) file-write-data /dev/rdisk3


I was under the assumption that one of the applications of a priviligedhelper tool is to actually have root access rights.

Note: running my application with sudo does work, but obviously that is not the right way to do it.


Is there anyone who would know how to resolve this issue?

Any help would be greatly appreciated, as I have been unable to find proper documentation.


Note: both application and helper tool are 64 bit, not sandboxed, signed, notarized (the DMG) and not distributed through the App Store.

Replies

Doh ... I think I found a way around this issue, even though I'm not happy about the way this is done;


Open "System Preferences" -> "Security & Privacy" -> "Privacy".

From the list on the left select "Full Disk Access".

Click the padlock, and unlock your settings.

Now click "+" to add your application to the exception list.

You will have to restart your application but now writing works under Cataline without the need for running it as sudo.

That’s interesting that it would work with sudo. I had thought that Full Disk Access was a higher privilege level. I’ll have to check that.

The problem still persists in the final release of Catalina. 😞

I've posted more details in another post - my bad for posting twice, for some reason I didn't get a notification of your reply, and I had already forgotten that I had asked this question here - my sincere apology for the late response and for posting twice.


I do see that similar applications, like CCC and Etcher, experience the same issue. 😞