Is this a bug, security vulnerability, or just an oversight? It’s not clear to me.
As a precaution would it be a good idea to run that reset command for all apps?
Is this a bug, security vulnerability, or just an oversight? It’s not clear to me.
As a precaution would it be a good idea to run that reset command for all apps?
This is an oversight in the UI. None of the systems are malfunctioning, it's just that there's no affordance in the UI for the implicit consent flow.
These are considered security UI bugs. They are a subcategory of security bugs, since they result in users lacking control or awareness over permissions. If this were a Chromium bug it would get a CVE.
No?
It’s Apple’s performative “security” (showing popups and asking the user for all sorts of permissions) overlapping with some pragmatic choices about how files and folders work. For me the gap is in Settings & Privacy - 1) it should be clear that the app has been given permission and 2) it should be harder to give permission once you’ve explicitly disabled it. 3) (nice to have) Apple should get rid of permissions that make you restart the app because it’s 2026 lol.