Following Dropbox-related security concerns that surfaced earlier this month, developer Phil Stokes has confirmed that macOS Sierra now explicitly requires apps to ask for user permission to access Accessibility (via Daring Fireball). Users can give access to an app, or click "not now" to deny the request.

dropbox-accessibility-permission
Concerns were raised after it was demonstrated that Dropbox appears in System Preferences > Security & Privacy under Accessibility, despite the fact that users were never prompted to grant access to the features. More details can be found in our previous coverage and in a Dropbox support document.

Let’s assume for the sake of argument that Dropbox never does any evil on your computer. It remains the fact that the Dropbox process has that ability. And that means, if Dropbox itself has a bug in it, it’s possible an attacker could take control of your computer by hijacking flaws in Dropbox’s code. Of course, that’s entirely theoretical, but all security risks are until someone exploits them. The essence of good computer security and indeed the very reason why OSX has these kinds of safeguards in place to begin with is that apps should not have permissions greater than those that they need to do their job.

At the time, Dropbox said it was working with Apple to reduce its dependence on elevated access in macOS Sierra, and would respect when people disable the app's Accessibility permissions, but now a much-needed safeguard exists regardless.

In a new blog post, Dropbox still recommends that Mac users running macOS Sierra update their Accessibility permissions, if needed, to ensure smooth syncing and access to certain features of the cloud storage service.

Advanced Dropbox collaboration features, such as the badge, require Accessibility permissions. You’ll be prompted to grant these permissions when you install the Dropbox desktop app on macOS Sierra. To do so, follow the instructions on screen. The same will apply for older versions of OS X in the coming weeks. For more information on Dropbox Mac permissions, visit our help center.

macOS Sierra was publicly released today as a free update on the Mac App Store.

Related Forum: macOS Sierra

Top Rated Comments

dragje Avatar
65 months ago
Drop-who?

However in all seriousness, I abandoned Dropbox ages ago and migrated to Google Drive and have never looked back.

Dropbox are "ok" no doubt but lack so many features and compared to Google are seriously slow. My file transfers since switching to Google Drive have more than tripled!
I'll never move my documents to Google Drive which enables the company to look inside within each document for commercial exploitation usage. For the same very reason I rarely using Google as a search engine, simply because I truly hate the so called targeting adds, as if I'm considdered to be a f*beep*ing monkey that would be interested in camera's for weeks just because I was searching for one at one given day. Google makes sure that all the adds on websites, in one way or the other, has something to do with camera's.

I'll regret the day that I might not care about this any longer, that I'm willingly stop using my brains and surrender myself entirely to commercial exploitation and accept that I've become a slave for a company by providing them personal information about myself and by agreeing that "to think yourself" is something one should not do. For the same reason I don't make use of facebook, delete apps that requires a facebook and/or a Google account and doesn't enable me to login besides these options.

I grew up in the world where the internet became big. And I'm really became fascinated with the phenomenon called the internet. And I should because it delivers also so much good. But I've never been able to understand why people willingly give away all of their private information, especially knowing that there is no such thing as: 'I've nothing to hide'
Score: 7 Votes (Like | Disagree)
simonmet Avatar
65 months ago
I came here to say the same thing. No matter which box you click: "Not Now", "Learn More", or obviously the third one, it puts itself in Accessibility.

My response was to remove Dropbox from my computer.
This is an OS X behaviour and unrelated to Dropbox. OS X is putting it there and this I believe is nothing new. The problem before was that Dropbox seemingly exploited loopholes or weakness in OS X to enable those privileges without asking.

It also replicates behaviour in iOS. If you deny an app permission to send you notifications or have access to your location the app still appears in the relevent settings so you can subsequently enable the permissions later if you so choose without having to delete and reinstall the app.

So it's entirely appropriate and normal that OS X puts it there.
Score: 5 Votes (Like | Disagree)
Michaelgtrusa Avatar
65 months ago
Well done Apple.
Score: 2 Votes (Like | Disagree)
Pakaku Avatar
65 months ago
I chose "Not Now" and Dropbox still jumped into Accessibility—though unchecked. My question is, how does it get in there?
Sounds like the OS itself just keeps a history of whatever has attempted to ask for permission, and anything the user denied permission for is just left there unticked.
Score: 2 Votes (Like | Disagree)
sesnir Avatar
65 months ago
I chose "Not Now" and Dropbox still jumped into Accessibility—though unchecked. My question is, how does it get in there?
I came here to say the same thing. No matter which box you click: "Not Now", "Learn More", or obviously the third one, it puts itself in Accessibility.

My response was to remove Dropbox from my computer.
Score: 2 Votes (Like | Disagree)
smacrumon Avatar
65 months ago
Drop-who?

However in all seriousness, I abandoned Dropbox ages ago and migrated to Google Drive and have never looked back.

Dropbox are "ok" no doubt but lack so many features and compared to Google are seriously slow. My file transfers since switching to Google Drive have more than tripled!
And I guess you're happy for Google to peruse your files on a daily basis.
[doublepost=1474429813][/doublepost]This is really interesting. Who would have thought MacOS could be circumvented like this? I certainly didn't. Yep post those permission warnings just like iOS vigilantly does.
Score: 1 Votes (Like | Disagree)

Top Stories

iphone 12 colors 2021

iPhone 12 Colors: Deciding on The Right Color

Thursday November 5, 2020 8:35 am PST by
The iPhone 12 and iPhone 12 Pro arrived last October in a range of color options, with entirely new hues available on both devices, as well as some popular classics. The 12 and 12 Pro have different color choices, so if you have your heart set on a particular shade, you might not be able to get your preferred model in that color. iPhone 12 mini and iPhone 12 The iPhone 12 mini and iPhone 12...
iPhone 13 Dummy Thumbnail 2

Full iPhone 13 Feature Breakdown: Everything Rumors Say We Can Expect

Tuesday August 31, 2021 7:50 am PDT by
With the launch of Apple's iPhone 13 lineup believed to be just a few weeks away, we have compiled all of the coherent rumors from our coverage over the past year to build a full picture of the features and upgrades coming to the company's new smartphones. For clarity, only explicit improvements, upgrades, and new features compared to the iPhone 12 lineup are listed. It is worth noting that...
original iphone

Phil Schiller Says iPhone Was 'Earth-Shattering' Ten Years Ago and Remains 'Unmatched' Today

Monday January 9, 2017 7:15 am PST by
To commemorate the tenth anniversary of the iPhone, Apple marketing chief Phil Schiller sat down with tech journalist Steven Levy for a wide-ranging interview about the smartphone's past, present, and future. The report first reflects upon the iPhone's lack of support for third-party apps in its first year. The argument inside Apple was split between whether the iPhone should be a closed...
macbook air deals

Deals: Amazon Drops Price of 256GB M1 MacBook Air to New Low of $849.99 ($149 Off)

Friday August 27, 2021 6:16 am PDT by
Amazon today introduced new low prices on the M1 MacBook Air for both 256GB and 512GB storage options. To start, you can get the 256GB model for $849.99, down from an original price of $999.00. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. Only Silver and Gold are...
iCloud General Feature

iCloud+'s New Custom Email Domain Feature Now Available in Beta

Wednesday August 25, 2021 7:48 am PDT by
Starting with iOS 15, iPadOS 15, and macOS Monterey, users with a paid iCloud+ storage plan can personalize their iCloud email address with a custom domain name, such as johnny@appleseed.com, and the feature is now available in beta. iCloud+ subscribers interested in setting up a custom email domain can visit the beta.icloud.com website, select "Account Settings" under their name, and select ...
iPhone 13 Dummy Thumbnail 2

Kuo: iPhone 13 to Feature LEO Satellite Communications to Make Calls and Texts Without Cellular Coverage

Sunday August 29, 2021 7:39 am PDT by
The iPhone 13 will feature low earth orbit (LEO) satellite communication connectivity to allow users to make calls and send messages in areas without 4G or 5G coverage, according to the reliable analyst Ming-Chi Kuo. In a note to investors, seen by MacRumors, Kuo explained that the iPhone 13 lineup will feature hardware that is able to connect to LEO satellites. If enabled with the relevant...
maxresdefault

New MacBook Pro Models Coming at WWDC, Suggests Leaker

Monday May 24, 2021 1:27 pm PDT by
New MacBook Pro models are coming at WWDC, according to leaker Jon Prosser who has a mixed track record when it comes to predicting Apple's plans. Subscribe to the MacRumors YouTube channel for more videos. Prosser provided no additional information, but there are new 14 and 16-inch MacBook Pro models in the works. The new MacBook Pros will feature the most radical redesign to the MacBook Pro ...
omg lightning cable comparison

Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords

Thursday September 2, 2021 6:59 am PDT by
A normal-looking Lightning cable that can used to steal data like passwords and send it to a hacker has been developed, Vice reports. The "OMG Cable" compared to Apple's Lightning to USB cable. The "OMG Cable" works exactly like a normal Lightning to USB cable and can log keystrokes from connected Mac keyboards, iPads, and iPhones, and then send this data to a bad actor who could be over a...
ted lasso notchless phone

No, That Notchless iPhone Spotted in 'Ted Lasso' Isn't the iPhone 13

Tuesday August 31, 2021 2:15 am PDT by
Recent sightings of a notchless iPhone in highly popular Apple TV+ comedy "Ted Lasso" have led to sensational headlines suggesting this is a canny bit of product placement on Apple's part and that the iPhone 13 will be notchless. In actuality – and this could go without saying – the phone in question is very likely just showing a poorly superimposed display added in post-production. Notchless ...
calculatorapp

iOS 11 Bug: Typing 1+2+3 Quickly in the Calculator App Won't Get You 6

Tuesday October 24, 2017 2:03 pm PDT by
A bug in the built-in Calculator app in iOS 11 is getting some major attention this week, despite the fact that it's been around since iOS 11 was in beta testing. At issue is a calculator animation that causes some symbols to be ignored when calculations are entered in rapid succession. You can try it for yourself: Type 1+2+3 and then the equals sign into the Calculator app quickly. Due to...