1 Reply
      Latest reply on Dec 5, 2019 11:49 PM by Mussau
      Mussau Level 1 Level 1 (0 points)

        My app uses a helper application to move files around in the file system, and it's invoked via an AppleScript which is constructed on the fly as:

        do shell script "(helper path) (source) (destination)" with with administrator privileges

        Each of the arguments is done with "quoted form of" to ensure that there are no surprises with malformed names.


        The helper application is a dead simple Swift command-line tool:

        import Foundation
        let argumentCount = CommandLine.argc
        let argumentList = CommandLine.arguments
        assert(argumentCount == 3, "Usage: \(argumentList[0]) <source file> <destination folder>")
        let sourcePath = argumentList[1]
        let sourceURL = URL.init(fileURLWithPath: sourcePath)
        let destinationPath = argumentList[2]
        let destinationURL = URL.init(fileURLWithPath: destinationPath)
        let fileManager = FileManager.default
        do {
            try fileManager.moveItem(at: sourceURL, to: destinationURL)
        } catch {
            // Don't worry about errors at this point


        The problem is that, in Catalina but not in earlier systems, this fails if the destination is a protected folder (in this particular case, it will always be /Library/Keyboard Layouts). I get an error message that I don't have permission (if I put something into the catch block to see it). I can do the file move in the Finder by authenticating, so it should be possible. It looks as though the helper isn't getting the administrator privileges that I've given it.


        Am I diagnosing it correctly? Can something be done about it? I'd adopted this solution to get around the need to have a privileged helper that I had in the past, so it would be unfortunate if this can no longer be done.



        • Re: Different AppleScript problem with Catalina?
          Mussau Level 1 Level 1 (0 points)

          No answers?


          I've tried other methods of doing the move, such as avoiding the helper application and calling /bin/mv or /bin/cp directly in the shell script, but these apparently end up being sandboxed and so unable to move files. Trying to make the AppleScript into a 'tell application "Finder"' also fails, even if I give the app the capability of sending Apple events to other applications. Do I need to try constructing an actual Apple event and sending that? I've also tried giving both the main app and the helper app full disk access in System Preferences, but that hasn't helped.


          So, am I totally out of luck with Catalina? Is there a way for an app to move files into a folder which requires administrator privileges? Or do I have to tell users to do it with Finder, which some struggled to do?