0 Replies
      Latest reply on Nov 7, 2019 5:14 PM by Cotin
      Cotin Level 1 Level 1 (0 points)

        According to WWDC 701 "Advances in macOS Security", Apple's suggestion is to use  FileManager.default.isReadableFile, FileManager.default.isWritableFile to test filesystem authorization. But these APIs always return true and we can always delete files in the folder, no matter the user allows the app to access these folders or not.

         

        Following is the code and phenomenons

         

        let path = "/Users/xxx/Documents"
        let file = "/Users/xxx/Documents/1.png"
        let isReadable = FileManager.default.isReadableFile(atPath: file) //return true
        let isWritable = FileManager.default.isWritableFile(atPath: file) //return true
        try? FileManager.default.removeItem(atPath: file) // file will be deleted
        guard let files = try? FileManager.default.contentsOfDirectory(atPath: path) else {
                    return
        } //This will trigger user consent prompt for the first time
        

         

        File in the protected folder can be deleted before authorization. Is this Apple's Bug?