codesigning and app permissions for programs that need filesystem access
nate at manicmind.earth
nate at manicmind.earth
Sat Apr 24 03:17:06 UTC 2021
I am running the latest Big Sur update. I was on Catalina last week and it had the same behavior.
> On Apr 23, 2021, at 9:12 PM, Andrew Janke <apjanke.floss at gmail.com> wrote:
>
> What version of macOS are you running? The SIP and sandboxing stuff
> changes from version to version...
>
>> On 4/23/21 8:12 PM, Nathaniel W Griswold wrote:
>> Do apps like emacs need to be ad-hoc codesigned to access privileged folders like Documents?
>>
>> The first time i installed the emacs-app-devel subport, it prompted me the first time i used it for accessibility control and access to folders like ~/Documents. Everything worked fine.
>>
>> But then i upgraded it and find-file started failing when accessing ~/Documents. The gui open still worked, though. I noticed in the system console errors that tccd was having trouble transferring info in the system databases about the app, so i ad-hoc codesigned Emacs.app and relaunched, and it reprompted me for access and everything started working as normal again.
>>
>> But did i have to do this? Are features like access to ~/Documents supposed to work without code signing? I did notice some errors in the console about a missing file /private/var/db/DetachedSignatures (what i understand from googling to be a system sqlite db). I think this might be used for unsigned apps that need features like this, like for this exact situation, but i don’t have it on my system for some reason and these errors don’t cause it to be created.
>>
>> Anyone know about this?
>>
>> Nate
>>
More information about the macports-dev
mailing list