MacOS security of files and folders, best practice in 2022

Hi, I’m a little frustrated about security in recent versions of macOS.

I have and app that stores three folders (those can be anywhere, but normaly on external drives). Those path are stored in text files. And the user can choose from these text files. (the file store information about path, templates and projects…pretty basic). But trying to do anything like create folders inside these path, always gives me access problems… I have to choose those path all the time for them to work…

so, can someone point me in the right direction now in 2022… is it:
Add Kit from Ohanasoft
CFbookmarks from MBS
SSB and all those
recent items

I was so close to put this app out on the mac app store, but this is a really big show stopper :slight_smile:


yours sincerely

To avoid this for Mac Store apps, create folders in

If the user wants the data elsewhere, copy it to their external drive if they want a ‘backup’
And probably offer a ‘restore from external’ if they choose.

Any documents they create, give them a ‘save dialog’ and you should be fine to use documents. (or possibly a documents folder specific to your sandboxed app at any rate)

OSX will allow you easy access to these folders, and painful access to anything else.

Outside of the App Store, I recommend my customers turn on permission for my app to use documents , downloads, and similar folders.

(Sooner or later , Nanny McApple will deny me access to those again, and I will have to think of something else)

Mac App Store demands your app to be in the Sandbox and to ask for permission if it wants to read/write outside the Sandbox.

Sandbox gives you access to some folders (like Desktop, Documents, Downloads, Movies, Music, Pictures and tmp) with an entitlement. For everything else you will have to ask the user for permisson or use security-scoped bookmarks, if you don’t want to ask the user every time…

Having a version in the Mac App Store does make it findable from within the Mac App Store application, and there is a percentage of potential customers who won’t buy apps from outside of the App Store (They’re worried about being scammed, but are more likely to be scammed from within the App Store). In reality, putting you app on the Mac App Store, doesn’t magically generate you sales, you still need you to promote/market your application, just like you would if you hosted it on your own site.

The recommended way to do what you want is.

  1. Use a Open, Save or SelectFolder dialog to ask the user the location for the files (requires an entitlement to display such a dialog).
  2. Create a SSB and store it somewhere your application can easily access (like preferences or application support).
  3. Every time your application need to access anything within those folders, you request permission from the macOS, do your thing and then relinquish permission. You have 90 seconds to get everything you need done (or do it in smaller chunks), otherwise the OS will release it for you, too many OS releases and it can lead to your application being locked out from all files.

Or avoid all that nonsense and just distribute it on your own site.

1 Like