top | item 41598917

(no title)

skrrtww | 1 year ago

This prompt is not even tied into the underlying TCC system; it's basically purely decorative. Failing to respond to the prompt, or responding "Open System Settings" to the prompt, does not even revoke the existing permission.

The prompt is also not even tied to the application bundle's code signature; tampering with the signature will not re-trigger the prompt. Nor will the prompt be re-triggered even if the application's entire bundle ID (com.example.example) changes.

No; the only way to re-trigger this prompt for an application is to rename the app bundle itself. That's right. Renaming Test.app to Test-dumb.app will trigger the prompt when nothing else will.

This isn't really worth criticizing that much because the prompt I think is designed as purely like a "don't forget about this" type of measure, and not one tied into actual security. But also that speaks greatly to the design challenges facing the TCC system more broadly, that this type of thing is seen as necessary.

discuss

pantulis|1 year ago

> I think is designed as purely like a "don't forget about this" type of measure

I believe this to be the correct way to see the "feature". While annoying, it's not bad to be reminded of sensitive shit you have installed. A month seems reasonable to me, but perhaps and override ("don't ever remind me any more") should be available.