What does it mean to give apps access to Documents folder on Mac?
Solution 1:
The normal Unix permissions system gives the user an area of the disk for their files (the user domain). Apps and other processes launched by the user run 'as the user' and can read and write anywhere in the user domain, (but not in another user's domain, or in system areas.)
Similarly, processes run by other users can't read or write in your user account. (Note that System processes are often 'other users'.)
Catalina and Big Sur are even stricter, requiring the user's express permission for an app to read and write to the Documents folder. This essentially creates a white-list of apps that are allowed in the Documents folder. There are similar white-lists for your Desktop folder, Downloads, and network volumes and external drives.
This added security means that a malicious app, unwittingly launched by the user, can't access your files in the Documents folder, without your express permission. Thus, the Documents folder is safer than other folders on the disk.
Other folders in your user domain are not protected in this way, and can be read or written by any process that you launch.
It comes at the cost of a significant annoyance factor and user tendency to click "Yeah, yeah, yeah" whenever they see it, which somewhat reduces its efficacy.
Normally, we expect apps to be able to read and write our files. If MS Word couldn't read .docx
files, and couldn't save them either, then the app would be useless.
You can reasonably expect commercial applications not to rifle through your correspondence in the hope of finding and transmitting something of use or value. The discovery of such a practice would lead to customers abandoning the app, and likely legal proceedings. (Unless you've agreed that the company can scan your data, as with Gmail and Google docs.)
The best way to secure your data is by encrypting your disk with FileVault, using strong passwords on the user account at login and wake from sleep, and by following good practice for safe computing, e.g. not downloading anything from dodgy sites, or when told 'you need to install Flash' etc.