When a user selects a “protected” file or folder in an NSOpenPanel in a non-sandboxed app on Catalina, consent is inferred and the app can access it.
Ah yes, that. I ran into that yesterday as part of a DTS incident and did some poking around. Are far as I can tell this is stored in the
com.apple.macl
extended attribute on the file itself. Here’s that attribute on a newly created file on my desktop:
$ xattr -l test.txt
com.apple.macl:
00000000 01 00 14 FD 16 DD 15 52 4F 5B B1 04 EF 01 B7 F9 |.......RO[......|
00000010 CA 1B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000040 00 00 00 00 00 00 00 00 |........|
00000048
And here’s what I see after selecting it with the open panel in my test app:
$ xattr -l test.txt
com.apple.macl:
00000000 01 00 14 FD 16 DD 15 52 4F 5B B1 04 EF 01 B7 F9 |.......RO[......|
00000010 CA 1B 01 00 B7 E7 6D 68 EA 39 44 EF AE F3 F8 90 |......mh.9D.....|
00000020 69 AC 56 11 00 00 00 00 00 00 00 00 00 00 00 00 |i.V.............|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000040 00 00 00 00 00 00 00 00 |........|
00000048
It seems that 01 00 is a header of some form and B7E76D68-EA39-44EF-AEF3-F89069AC5611 is a UUID associated with my test app. I dug into how that UUID is set up and, well, it’s complex, and more of an implementation detail than I care to go into here on DevForums.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"