macOS app whitelist

I’m having a startup problem with my app on Big Sur, on a friend’s machine. The app has never been on her machine before. She’s running Bug Sur.latest on a MacBook Air. The problem occurs right at the start of execution, where the app is checking that it can write to where it needs to, which ought to be Specialfolder.Documents. It quits if it can’t do that, with the message as reported by my friend. The app is codesigned and notarised courtesy of Our Sam.

Now, I wondered if, when an app is installed, macOS is more lenient if the app was already on the machine and had been carried over from older OS versions. My wife is running the same Big Sur on an M1 Mini. I just tried removing the app and then downloading from my website just as my friend did. That one I could put in /Applications with no trouble and run as expected.

Does macOS keep a list of apps it has previously OKed a list of receipts where I could remove that one and retry here? It would be a lot quicker if I can duplicate the failure here on my wife’s machine, without having to dust off an old Mini and install Big Sur on it.

I think the most likely culprit will be the Security preferences, under the Privacy tab, Files and Folders. It sounds like this person chose no when asked if the app could access the documents folder. Otherwise, it sounds kind of like sandboxing, but I doubt you’ve sandboxed your app.

1 Like

Ah could be could be. I tried disabling that on my wife’s machine and got a message that hails from a touch later in the startup sequence, but I’ll pass this onto my friend 6000 miles away and meanwhile fiddle around a bit more here.


Thom is most likely correct, In the “Capabilities” pane of App Wrapper, make sure you fill in the usage message for “Documents” folder, as the request for permission dialog may not even show without a message being set. Some do and some don’t.

Getting very tired of people doing this / Apple for having caused the situation.

Been doing some testing on an Intel Air running Big Sur. Results were at best patchy, in terms of whether the permission dialog showed or not. But this did improve after I added a usage message as you suggested and had AppWrapper 4.4 (210) build a .pkg installer. I could then install on the Air and run the app, variously allowing and refusing permission.

This did create a new oddity. First time running the pkg installer, it put my app into /Applications/Adobe/ with no option to choose a destination. So I went back and looked through AppWrapper to see what I might have overlooked and tried Destination on the General pane. Result of this, though, was that the installer completed as previously but no sign of the app anywhere on the Air. What AppWrapper options do I need to set in order for the pkg installer to have the Destination option enabled with /Applications as the default?

There are no options for the installer to set the destination. This - as usual - is handled by Apple’s “we know best what you want”. I had fun with the installer installing apps into the trash after I moved an app to the trash.