MacOS Protection Gates

[Zexthero]

Q:

So in my invented scenario I'm installing a Legit app from a verified developer. - MacOS

Let's say that for a "unspecified reason" the developer is including some malware in the next update for his app.

If the app does not have access to

-Sudo privileges

-Administrator Privileges

-Full Disk Access

-Not even Basic Folders like Documents or Desktop

Can the app affect my Mac or steal any information or data in any way?

I know it's a beginner question but I'm wondering how secure macOS really is.

 

[galad]

Such app will still be able to read/write to all of your other user folders, only user Documents / Desktop / Downloads and a few others are protected. So if you want to protect something better put it in those folders.

A sandboxed app instead won't be able to access (almost) anything unless you allow it manually. So sandboxes apps are a bit more secure. All App Store apps (with the exception of a few apps made by Apple) are sandboxed.

However, operating systems are so complex that it's always possible to find a bug to workaround every security barrier, so you can't never be sure. But such bugs are hard to find, and it's much easier to prompt the user for permission, because most people don't read anything and just click "OK" anyway.

I wouldn't worry to much. Avoid downloading things from weird websites.

 

[Zexthero]

Such an app will still be able to read/write to all of your other user folders, only user Documents / Desktop / Downloads and a few others are protected. So if you want to protect something better put it in those folders.

A sandboxed app instead won't be able to access (almost) anything unless you allow it manually. So sandboxes apps are a bit more secure. All App Store apps (with the exception of a few apps made by Apple) are sandboxed.

However, operating systems are so complex that it's always possible to find a bug to workaround every security barrier, so you can't never be sure. But such bugs are hard to find, and it's much easier to prompt the user for permission, because most people don't read anything and just click "OK" anyway.

I wouldn't worry to much. Avoid downloading things from weird websites.

That’s fascinating, I didn't know some of these things.

Actually my main concern is the Apple app “Notes” I keep there my passport and lots of important files, I still wanna know if it's possible for a malware to access those informations. Excluding of course full disk access and sudo privileges.

 

[hwojtek]

Actually my main concern is the Apple app “Notes” I keep there my passport and lots of important files, I still wanna know if it's possible for a malware to access those informations. Excluding of course full disk access and sudo privileges.

Your main concern should be storing sensitive information in an app that is not designed to hold sensitive information. There is a reason "secure notes" are available in Keychain Access.app.

 

[Zexthero]

Your main concern should be storing sensitive information in an app that is not designed to hold sensitive information. There is a reason "secure notes" are available in Keychain Access.app.

I don't think that "Secure Notes" have support for PDF's or neither JPG files. Also, I need access to that information on my iPhone to, which is impossible using "Secure Notes", that's why I chose to store my data on the "Notes" app because is more simple and convenient, but just for a security measure I still need to know if malware can read "Notes" data on MacOS, in a scenario where the malware doesn't have Full disk access, neither Sudo Privileges.