Full Disk Access label is still "Denied" even after adding the app in the "Security & Privacy" section

[danielemaddaluno]

I'm using a macOS Catalina 10.15.3.
I have launched PermissionsKitTestApp-Sandboxed.
After launched it i clicked on Full Disk Access "Authorize", then I manually add the "PermissionsKitTestApp-Sandboxed.app" to the list.
It prompts me to restart the app, when restarted the UI is exactly as before ("Denied" is still there).

[danielemaddaluno]

Inside the _fullDiskAuthorizationStatus of MPFullDiskAccessAuthorizer.m I noticed that:
after this line:
NSData *data = [NSData dataWithContentsOfFile:path];
data is always nil (in both cases, with permission on and off in the Security and Privacy)

[zackdotcomputer]

Yup - I'm seeing the same thing after translating this code out into Swift on OS 10.15.7. It looks like Apple has protected the files in Safari's Library folder from binaries even if they have full disk access, so that check always returns false. I've confirmed that my app can read and write from other locations like ~/Desktop even though the check shows "denied"

[zackdotcomputer]

I wrote that comment before I actually understood what was going on here. The issue I was having (and perhaps what OP was having as well) is that Full Disk Access doesn't actually give you full disk access if your app is running sandboxed. Apple should probably prevent you from adding a sandboxed app to the Full Disk Access list as it just causes confusion but shrug here we are. You either have to remove the sandbox (in which case you can't distribute through the app store) or work around the need for Full Disk Access some other way.