I was building a lightweight imitation of OpenClaw. Just a Claude.md and iMessage watcher. I had to play around with Privacy a lot to be able to read my iMessages database, and do a lot of iTerm restarting.
I was building a lightweight imitation of OpenClaw. Just a Claude.md and iMessage watcher. I had to play around with Privacy a lot to be able to read my iMessages database, and do a lot of iTerm restarting.
I remember it being worse a while ago. But most of the time I can drag a binary into Settings->Privacy & Security->Full Disk Access or other things (Accessibility API). Maybe other issues come up.
I feel like it should still be much easier, but the general sandboxing model seems directionally functional. (My understanding is containerization isn't a silver bullet security-wise, still requires fiddling, and would be a resource hog ram-wise if not CPU?)
I wish I could pick a parent folder/file and get a box to control everything (network/disk/folders/peripherals/accessibility).