For better or for worse, many sandboxed apps ask for "/" access via an Open Panel, and then save a Sandbox Bookmark to that location. They are then able to work freely in the File System (for the user's benefit). This is accepted sandbox behavior by App Review.
Catalina adds a new "Full Disk Access" permission to System Preferences.
At WWDC and in the betas, I believe that this new permission was added to grant access to "SIP-like" private files in the filesystem (such as the Mail database, iMessages, etc.) that even apps with "/" access should not have access to.
Two questions:
1. Does adding Full Disk Access grant access, as if you had a Sandbox Bookmark? Or is it that *IF* you have an existing Sandbox Bookmark, you can additionally access the SIP-like files?
2. Assuming that it does grant access, can a tutorial for the user to enable Full Disk Access be used as an ALTERNATIVE to the (error-prone and unintuitive) granting of "/" sandbox access via an Open Panel? Are there any App Store Guidelines or real-world Reviews that show that this can or can't be used in the App Store?
