A macOS developer has discovered an exploit that can bypass the operating system’s file privacy and security protections.
The exploit, created by developer Jeff Johnson, impacts the “Transparency, Consent, and Control” (TCC) framework that was introduced in macOS Mojave. Johnson also tested the exploit in macOS Catalina and the first macOS Big Sur beta.
Essentially, the TCC framework restricts the ability for apps in macOS to access certain protected files or folders. As an example, Johnson writes that an app may not have access to the ~/Library/Safari folder unless it is explicitly granted.
Read more at AppleInsider.com