Following Dropbox-related security concerns that surfaced earlier this month, developer Phil Stokes has confirmed that macOS Sierra now explicitly requires apps to ask for user permission to access Accessibility (via Daring Fireball). Users can give access to an app, or click "not now" to deny the request.

dropbox-accessibility-permission
Concerns were raised after it was demonstrated that Dropbox appears in System Preferences > Security & Privacy under Accessibility, despite the fact that users were never prompted to grant access to the features. More details can be found in our previous coverage and in a Dropbox support document.

Let’s assume for the sake of argument that Dropbox never does any evil on your computer. It remains the fact that the Dropbox process has that ability. And that means, if Dropbox itself has a bug in it, it’s possible an attacker could take control of your computer by hijacking flaws in Dropbox’s code. Of course, that’s entirely theoretical, but all security risks are until someone exploits them. The essence of good computer security and indeed the very reason why OSX has these kinds of safeguards in place to begin with is that apps should not have permissions greater than those that they need to do their job.

At the time, Dropbox said it was working with Apple to reduce its dependence on elevated access in macOS Sierra, and would respect when people disable the app's Accessibility permissions, but now a much-needed safeguard exists regardless.

In a new blog post, Dropbox still recommends that Mac users running macOS Sierra update their Accessibility permissions, if needed, to ensure smooth syncing and access to certain features of the cloud storage service.

Advanced Dropbox collaboration features, such as the badge, require Accessibility permissions. You’ll be prompted to grant these permissions when you install the Dropbox desktop app on macOS Sierra. To do so, follow the instructions on screen. The same will apply for older versions of OS X in the coming weeks. For more information on Dropbox Mac permissions, visit our help center.

macOS Sierra was publicly released today as a free update on the Mac App Store.

Related Forum: macOS Sierra

Top Rated Comments

dragje Avatar
66 months ago
Drop-who?

However in all seriousness, I abandoned Dropbox ages ago and migrated to Google Drive and have never looked back.

Dropbox are "ok" no doubt but lack so many features and compared to Google are seriously slow. My file transfers since switching to Google Drive have more than tripled!
I'll never move my documents to Google Drive which enables the company to look inside within each document for commercial exploitation usage. For the same very reason I rarely using Google as a search engine, simply because I truly hate the so called targeting adds, as if I'm considdered to be a f*beep*ing monkey that would be interested in camera's for weeks just because I was searching for one at one given day. Google makes sure that all the adds on websites, in one way or the other, has something to do with camera's.

I'll regret the day that I might not care about this any longer, that I'm willingly stop using my brains and surrender myself entirely to commercial exploitation and accept that I've become a slave for a company by providing them personal information about myself and by agreeing that "to think yourself" is something one should not do. For the same reason I don't make use of facebook, delete apps that requires a facebook and/or a Google account and doesn't enable me to login besides these options.

I grew up in the world where the internet became big. And I'm really became fascinated with the phenomenon called the internet. And I should because it delivers also so much good. But I've never been able to understand why people willingly give away all of their private information, especially knowing that there is no such thing as: 'I've nothing to hide'
Score: 7 Votes (Like | Disagree)
simonmet Avatar
66 months ago
I came here to say the same thing. No matter which box you click: "Not Now", "Learn More", or obviously the third one, it puts itself in Accessibility.

My response was to remove Dropbox from my computer.
This is an OS X behaviour and unrelated to Dropbox. OS X is putting it there and this I believe is nothing new. The problem before was that Dropbox seemingly exploited loopholes or weakness in OS X to enable those privileges without asking.

It also replicates behaviour in iOS. If you deny an app permission to send you notifications or have access to your location the app still appears in the relevent settings so you can subsequently enable the permissions later if you so choose without having to delete and reinstall the app.

So it's entirely appropriate and normal that OS X puts it there.
Score: 5 Votes (Like | Disagree)
Michaelgtrusa Avatar
66 months ago
Well done Apple.
Score: 2 Votes (Like | Disagree)
Pakaku Avatar
66 months ago
I chose "Not Now" and Dropbox still jumped into Accessibility—though unchecked. My question is, how does it get in there?
Sounds like the OS itself just keeps a history of whatever has attempted to ask for permission, and anything the user denied permission for is just left there unticked.
Score: 2 Votes (Like | Disagree)
sesnir Avatar
66 months ago
I chose "Not Now" and Dropbox still jumped into Accessibility—though unchecked. My question is, how does it get in there?
I came here to say the same thing. No matter which box you click: "Not Now", "Learn More", or obviously the third one, it puts itself in Accessibility.

My response was to remove Dropbox from my computer.
Score: 2 Votes (Like | Disagree)
smacrumon Avatar
66 months ago
Drop-who?

However in all seriousness, I abandoned Dropbox ages ago and migrated to Google Drive and have never looked back.

Dropbox are "ok" no doubt but lack so many features and compared to Google are seriously slow. My file transfers since switching to Google Drive have more than tripled!
And I guess you're happy for Google to peruse your files on a daily basis.
[doublepost=1474429813][/doublepost]This is really interesting. Who would have thought MacOS could be circumvented like this? I certainly didn't. Yep post those permission warnings just like iOS vigilantly does.
Score: 1 Votes (Like | Disagree)

Top Stories

affinity designer contour tool

Serif Updates Affinity Photo, Designer, and Publisher With New Tools and Functions

Thursday February 4, 2021 1:58 am PST by
Serif today announced across-the-board updates for its popular suite of Affinity creative apps, including Affinity Photo, Affinity Designer, and the Apple award-winning Affinity Publisher for Mac, all of which were among the first professional creative suites to be optimized for Apple's new M1 chip. "After another year which saw record numbers of people switching to Affinity, it's exciting to...
studio buds family

Beats Studio Buds Debuting Today With Active Noise Cancellation, Stemless Design, and More for $150

Monday June 14, 2021 8:00 am PDT by
We've seen a lot of teasers about the Beats Studio Buds over the past month since they first showed up in Apple's beta software updates, and today they're finally official. The Beats Studio Buds are available to order today in red, white, and black ahead of a June 24 ship date, and they're priced at $149.99. The Studio Buds are the first Beats-branded earbuds to truly compete with AirPods...
maxresdefault

Craig Federighi and Greg Joswiak Discuss iPadOS 15, macOS Monterey, Privacy, Shortcuts on Mac, and More

Saturday June 12, 2021 6:12 am PDT by
As is tradition, Apple executives Craig Federighi and Greg Joswiak joined Daring Fireball's John Gruber in an episode of The Talk Show to discuss several announcements that Apple made over this weeks WWDC, including iPadOS 15, macOS Monterey, and a large focus around privacy. Federighi kicks off the conversation discussing the common architecture, now thanks to Apple silicon, across all of...
youtube apple tv

YouTube Discontinuing 3rd-Generation Apple TV App, AirPlay Still Available

Wednesday February 3, 2021 3:09 pm PST by
YouTube is planning to stop supporting its YouTube app on the third-generation Apple TV models, where YouTube has long been available as a channel option. A 9to5Mac reader received a message about the upcoming app discontinuation, which is set to take place in March.Starting early March, the YouTube app will no longer be available on Apple TV (3rd generation). You can still watch YouTube on...
adobe photoshop sketch ipad

Adobe Removing Photoshop Sketch and Illustrator Draw From App Store in July

Saturday June 26, 2021 4:02 pm PDT by
Adobe this week reminded customers that its Photoshop Sketch and Illustrator Draw apps will no longer be available for download on iOS and Android starting July 19. Adobe plans to stop supporting the apps for existing users on January 10, 2022. In a support document, Adobe said users can easily migrate to its Fresco app, which combines many Photoshop Sketch and Illustrator Draw drawing and...
REC ASA CODE2016 20160601 205816 2745

Elon Musk Reportedly Demanded to Become Apple CEO as Part of Potential Tesla Acquisition [Update: Musk Denies]

Friday July 30, 2021 9:04 am PDT by
Tesla CEO Elon Musk reportedly once demanded that he be made Apple CEO in a brief discussion of a potential acquisition with Apple's current CEO, Tim Cook. The claim comes in a new book titled "Power Play: Tesla, Elon Musk and the Bet of the Century," as reviewed by The Los Angeles Times. According to the book, during a 2016 phone call between Musk and Cook that touched on the possibility of ...
homepod feature blue2

Looking to Grab a HomePod Before They're Gone? These Retailers Still Have Stock

Monday March 15, 2021 6:54 am PDT by
Apple last week discontinued the original HomePod, marking just over three years on the market for the full-size smart speaker. If you're looking to purchase the larger HomePod before it's completely gone, there are still some options online today. The biggest retailer with remaining stock on the HomePod is Apple itself, which has the White HomePod for $299.00 on its website. Space Gray is...
september 2021 event ar logo

Apple's September 14 Event Page Features AR Logo on iPhone

Tuesday September 7, 2021 9:23 am PDT by
Apple this morning announced a digital-only event that will be held on Tuesday, September 14, and if you view the event webpage on an iPhone, you can tap on the logo to open up Apple's Safari AR viewer and you'll see the three-dimensional logo move in real-time in the real world. Just open up the event site on an ‌iPhone‌ or iPad and tap right on the logo to open up the AR version. The...
iphone 11 night mode photos

Apple Reveals New Night Mode Photo Feature Exclusive to iPhone 11 Series

Tuesday September 10, 2019 12:23 pm PDT by
Apple today announced the iPhone 11, iPhone 11 Pro, and the iPhone 11 Max, all-new models that boast improved cameras, and specifically, a dramatic new Night Mode photo feature. Last year, Google introduced its impressive Night Sight camera mode, a software-based feature that allows users to take detailed pictures in dark environments using Google Pixel smartphones. Apple's new Night...
iPhone 13 Dummy Thumbnail 2

Kuo: iPhone 13 to Feature LEO Satellite Communications to Make Calls and Texts Without Cellular Coverage

Sunday August 29, 2021 7:39 am PDT by
The iPhone 13 will feature low earth orbit (LEO) satellite communication connectivity to allow users to make calls and send messages in areas without 4G or 5G coverage, according to the reliable analyst Ming-Chi Kuo. In a note to investors, seen by MacRumors, Kuo explained that the iPhone 13 lineup will feature hardware that is able to connect to LEO satellites. If enabled with the relevant...