macOS 10.15 Catalina Adds Additional Filesystem Restrictions

| | 4 Comments| 5:47 PM
Categories:

macOS 10.15 (Catalina) has added additional Privacy restrictions that require user intervention before applications can access the certain portions of the filesystem. Not only that, but taking screenshots for this post required permissions to be explicitly granted to Skitch. If you find that Skitch only gives you a screenshot of your Mac’s background, this is the post for you. The fact that macOS 10.15 introduces new security and privacy safeguards is unsurprising as we got introduced to stricter automation controls in Catalina’s predecessor.

Let’s look at what happens when we try to cd ~/Documents in the macOS 10.15 Terminal app:

We’re greeted by a dialog box presented by Finder requesting specific permission for Terminal to access files in the Documents folder:

"Terminal" would like to access files in your Documents folder. Once this permission is granted, Terminal can access the contents of ~/Documents. If the permission isn’t granted, trying to ls ~/Documents results in something along the lines of:

[code lang=text]
# ls ~/Documents
ls: Documents: Operation not permitted
[/code]

Updating which filesystem access permissions have been granted for a given application can be accomplished in the Security & Privacy preference panel. In this example Terminal has been granted access to the Documents folder whereas iTerm has not been granted any access.

It was an added bonus while writing this post that even trying to take a screenshot with Skitch on Catalina prompted a dialog requesting explicit access. The final result was that I’ve now authorized Skitch to capture my screen:

There has been much speculation regarding Apple’s WWDC 2019 announcement of Sign in with Apple as to its real intent. What is clear (to me, at least) is that Apple is positioning itself as the guardian of security and privacy (compared to Facebook and Google who are clearly not in the interest of safeguarding either), whether it is Sign in with Apple or tighter controls around what applications can access your data on your own Mac.

4 thoughts on “macOS 10.15 Catalina Adds Additional Filesystem Restrictions”

  1. Skitch will do screen grabs for me but i can not share them directly with neither the messages nor Mail app. I have to drag the capture and drop it somewhere on the hard drive… And then in finder drag the image to either of those apps

  2. MacBook Pro newby here, read this before installing and it work way better than Skitch does on my Win2016 workstation. I always wanted to try a Mac. Windows is not allowed on any of my personally owned computers and I needed more power than I have on my junker Linux computers. Tomorrow will be a week on my Amazon Refurbished MacBook Pro 15 – mid 2015/Catalina. Everything I try has been resolved by google, usually in 5 minutes or less. Rock and Roll!

Leave a Reply to Alex Cancel reply

Your email address will not be published. Required fields are marked *