Hacker News
by mathemagics 2452 days ago
Agree that it is overall an improved experience. After upgrading, I discovered that a VPN app wanted access to my Documents folder. No reason it would need that, so I simply denied it. Lo and behold, the app continues to work just fine as expected. IMO, this alone is a big reason to upgrade to Catalina.
3 comments

I wonder if maybe it just stores a settings file in there or something?

I've seen similar things with apps that request access to Dropbox or Google Drive just not being scoped granularly enough, so they just ask for access to your entire account to control a single file or folder. Which leads to a shitty situation: either you give up functionality like being able to declaratively override settings and sync them between machines, or you compromise your security and allow access. There's no way the PM for the product actually cares about granular permission scoping, so of course nobody actually implements it in a safer way where you don't have to make this choice.

I haven't looked closely at the new macOS permissions and how granular they can be, but I'm kind of curious how this will turn out. I suspect the average person will just get used to clicking allow on everything, so developers won't actually care about only asking for what they need, and not much will actually improve about security. But I hope to be proven wrong.

Apple provides APIs for saving app settings in the app's sandbox. They require no additional permissions.

You're probably right that it's not nefarious in this app's case, but rather just developer ignorance. But even so, this is the right path to nudge developers towards better security practices.

Also, the permissions are contextual. I didn't see this dialog until I launched the app. Similarly, the first time an app wants to show a notification, the system prompts you to allow / deny it. I'm sure Apple can polish this more over time. But I will take this over the "nearly full-system access by default" paradigms that dominate desktop OS's.

Settings should be under ~/Library somewhere (perhaps ~/Library/Preferences?) and not in the Documents directory.

I've seen a number of apps that store settings or presets in Documents. Kind of the same idea as dotfiles in your home directory, which seems pretty reasonable and I don't think there's one agreed right place for any of this.

A nice benefit of storing them in Documents is that it syncs to iCloud automatically even on the free tier, so you can share it between all your computers.

Another issue that comes up in these scenarios is changing your mind after denying. How do you give the app access now?

It's often not straightforward and often means getting into some system settings somewhere. Android has this problem.

Had the same concern, but the dialog tells you how to change it. Not only that, it'll take you directly to the correct location in system preferences, where all the apps & their permission status are listed.

So what you are saying is that you don't trust the application to access your Documents folder, but you trust it with creating a VPN tunnel to keep your network traffic safe?

uhmm....

To me, it seems that if the Documents permission dialogue in fact caught the app doing anything bad, it should remove all trust for the app and the developer. It's all or nothing, really.

No, what I'm saying is that a VPN application does not need access to my Documents folder, and if it tries to access it, then I'd like to know about it.

Nor do I entrust it with all my network traffic. As to whether it warrants completely removing the app or not, it's up to the user to decide, isn't it?