Apple is adding more privacy protections in macOS 10.14 Mojave. Mac applications must request permission before accessing data like your photos, emails, webcam, microphone, calendars, and contacts. If an app tries accessing protected resources without permission, it may crash.
macOS Mojave provides additional protection for your private data. In the past, apps running on your Mac could access much of this data without asking you for permission. Now, to better protect against malware or sneaky apps viewing your data without your permission, apps must request access to more resources.
This permission system is similar to the one on Apple’s iPhones and iPads. However, it’s a bit clunkier because Apple designed the mobile iOS operating system for permissions from day one. On the macOS side, there’s a universe of older Mac applications that don’t understand permissions. These apps assume they have access to these resources, which can cause problems.
Most of the time, you won’t even notice this new permission system, and you won’t need to think about it. Any problems should become rarer as app developers update their applications to work properly with macOS Mojave, too. But you may have some teething issues while running older applications.
This works differently from standard file and folder permissions, which still work in the traditional way. For example, if you’re running an application from your user account, it can only access files to which your user account has access. But, with these additional permissions, that app won’t have access to your photo library unless you explicitly allow it—even though your user account has access to your photo library. It’s an additional, more granular layer of restrictions.
Apps must prompt you for permission before accessing location services, contacts, calendars, reminders, and your photo libraries. They must also get your permission before accessing your camera, microphone, or your Mac’s automation features. Importantly, the app’s developer has to declare these capabilities as part of the app. In other words, if an app’s developer hasn’t designed the app to ask for photo permission, you can’t give the app access to your photo library.
Apps also don’t typically have access to special types of application data, including anything in your Mail app, messages, Safari browsing history, Safari cookies, Time Machine backups, and iTunes backups, without your permission. These types of special application data are included in the “Application Data” category in your Mac’s settings. You can give any app access to this special application data. There’s no way for app developers to request access to it.
The “accessibility” permission that allows apps to control your computer still exists, too.
Apps are supposed to prompt you when they want to access protected private information, such as your photos or contacts. You might see prompt messages when an app wants to access this data. Just agree to the prompt to give the app access, or click “Don’t Allow” to block it.
You can also configure these restrictions from your Mac’s System Preferences window. In fact, you might have to use this window if the app doesn’t prompt for access. You can also head here to revoke permission you’ve given, or allow permission you’ve previously denied.
To find these settings, click Apple menu > System Preferences > Security & Privacy > Privacy.
Go through the categories here to see which installed apps are capable of accessing which types of content. For example, to see which apps can access your photos, click the “Photos” category.
You can’t give an app access to this data if it doesn’t ask for it. If you want to provide an installed app access to your photo library but it doesn’t appear in this list and doesn’t ask for access to the photo library in the app itself, there’s no way to add it. The developer has to declare that capability in the app and release an update.
However, you can always export a photo from your library and save it in an unprotected folder, like your Documents or Desktop folders, and then open it in another application.
To choose which apps can access miscellaneous other app data, click the “Application Data” category. First, click the lock icon and type your password. You can then click the “+” button to add any installed app in this list, giving it access to application data like your mail, messages, history, cookies, and backups.
There’s no way for apps to request access to this data or declare they can handle it. You have to go to this pane and add them to the list manually if they need this access. For example, you might need to come here and give system tools access to your application data if they need to work with these protected folders.
Two problems might occur if an app doesn’t have access to a resource and you try accessing it. The app might simply crash, as macOS Mojave terminates it for trying to do something that isn’t allowed.
In other cases, macOS Mojave will just not let the app see the data. For example, you may try opening a protected folder only to see its contents as blank and empty.
If the app crashes or can’t access data, but doesn’t prompt for access, go into your Security & Privacy pane and give the app access to the category of data, if possible.
If you need to access a file in a protected location, copy it to a not-protected location. For example, if you have an email attachment you want to open, go into Mail and save the attachment to a folder like your Documents or Desktop folders, which aren’t protected. If you want to access a photo in your photos library, export a copy of the photo to your Documents or Desktop.
If the app needs to access a type of data, but you can’t give it access to that data, contact the app’s developer and let the developer know the problem. This is likely an issue the app developer needs to fix. Problems should become less common as developers update their apps for Mojave.