"Google Chrome wants access to control Finder", should I be worried?
Solution 1:
Is this normal or should I be worried about malware?
I'd say it's not unusual that apps ask for additional access to the file system or permissions to control other apps, and you shouldn't be worried about malware, but that doesn't mean you have to blindly accept such requests.
I recommend that you ponder carefully whether to grant them by answering these three questions:
- Do you understand what is requested?
- Was the request triggered by user interaction (like launching the app, saving a document to disk or starting an Automator Quick Action)?
- Does the app require the requested access for normal or desired operation?
If you can't answer all questions with "yes", be wary of granting the permission. (Note that this is not a bullet-proof security checklist, but a rule of thumb that has helped me in the past, so I share it here).
Let me give you some real-life examples:
-
VMware Fusion, an app that let's you run virtual machines, asks at launch for access to the system's accessibility features, so I ask:
- Do I understand what is requested?
Yes, by requesting access to accessibility features, the app can control my Mac. That's quite a lot to ask, although VMware nicely documents why some of their apps need it.
- Was the request triggered by user interaction?
Yes, when launching the app. - Does the app require the requested access for normal or desired operation?
After declining the request I don't notice any performance issues, so the answer is no and I won't grant access in future requests.
- Do I understand what is requested?
-
The Terminal app requests access to my Desktop folder when running a shell script, so I ask:
- Do I understand what is requested?
Yes, if I let Terminal access my Desktop, it will be able to read all files and folders on my Desktop, including the script I'm about to run. - Was the request triggered by user interaction?
Yes, when running the script. - Does the app require the requested access for normal or desired operation?
Yes, because I trust the shell script and need it to process files on the Desktop, so I grant access.
- Do I understand what is requested?
As you see, there are no "right" answers, they depend on your use case, but a healthy dose of mistrust doesn't harm.
Is there anything you would recommend to make sure my system is safe?
In the context of downloading and running apps, these three questions will help to keep your system safe:
- Is the app made available on the Mac App Store or on the the developer's website of a reputable developer?
- If a website asks you to download an app, is it simply providing a link to the developer's website?
- Is the app supported?
If you can answer all questions with "yes", you are most probably on the safe side.
Again, let me give you a real-life example:
-
After clicking a link on an e-commerce website some days ago, I came across this page:
The page claims you need Adobe Flash Player to continue and insistently asks you to download from one of the offered links, so I ask:
- Is the app made available on the Mac App Store or on the the developer's website?
No, it's not, this is not Adobe's Flash Player download page. - If a website asks you to download an app, is it simply providing a link to the developer's website?
No, the link provided doesn't point to Adobe. - Is the app supported?
A quick Google/DuckDuckGo search leads to this end-of-life information page on Adobe's website, which makes it clear the developer doesn't support it anymore so you don't download anything and remain safe.
(In case you're wondering, this is an actual phishing website which I reported to Amazon AWS through their report abuse form.)
- Is the app made available on the Mac App Store or on the the developer's website?