yuanyuanxiang/SimpleRemoter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

Fix: Full Disk Access permission check using actual file read

Browse Source
This commit is contained in:
yuanyuanxiang
2026-05-01 09:32:15 +02:00
parent 979f309497
commit cfa9b581fc
2 changed files with 30 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
macos/Permissions.mm
View File

@@ -49,30 +49,38 @@ void Permissions::openAccessibilitySettings() {
bool Permissions::checkFullDiskAccess() { bool Permissions::checkFullDiskAccess() {
// There's no official API to check Full Disk Access. // There's no official API to check Full Disk Access.
// We try to read a protected file that requires FDA permission. // Try to actually read a protected file that requires FDA.
// Safari bookmarks is a commonly used test file.
NSArray* testPaths = @[ NSString* testPath = [NSHomeDirectory() stringByAppendingPathComponent:@"Library/Safari/Bookmarks.plist"];
[NSHomeDirectory() stringByAppendingPathComponent:@"Library/Safari/Bookmarks.plist"],
[NSHomeDirectory() stringByAppendingPathComponent:@"Library/Safari/CloudTabs.db"],
@"/Library/Application Support/com.apple.TCC/TCC.db",
[NSHomeDirectory() stringByAppendingPathComponent:@"Library/Application Support/com.apple.TCC/TCC.db"]
];
NSFileManager* fm = [NSFileManager defaultManager]; NSFileManager* fm = [NSFileManager defaultManager];
for (NSString* path in testPaths) { if ([fm fileExistsAtPath:testPath]) {
if ([fm fileExistsAtPath:path]) { // Try to actually read the file (more reliable than isReadableFileAtPath)
// File exists, try to read it NSData* data = [NSData dataWithContentsOfFile:testPath];
if ([fm isReadableFileAtPath:path]) { if (data != nil) {
return true; // Can read protected file = FDA granted NSLog(@"FDA check: OK (can read Safari bookmarks)");
} else { return true;
return false; // File exists but can't read = FDA not granted } else {
} NSLog(@"FDA check: FAILED (Safari bookmarks exists but unreadable)");
return false;
} }
} }
// If none of the test files exist, assume FDA is granted // Safari bookmarks doesn't exist, try TCC database
// (edge case: fresh system without Safari history) testPath = @"/Library/Application Support/com.apple.TCC/TCC.db";
if ([fm fileExistsAtPath:testPath]) {
NSData* data = [NSData dataWithContentsOfFile:testPath];
if (data != nil) {
NSLog(@"FDA check: OK (can read TCC.db)");
return true;
} else {
NSLog(@"FDA check: FAILED (TCC.db exists but unreadable)");
return false;
}
}
// No test files exist, assume OK
NSLog(@"FDA check: SKIPPED (no test files found)");
return true; return true;
} }

7
macos/main.mm
View File

@@ -496,10 +496,11 @@ int main(int argc, const char* argv[])
Permissions::requestAccessibility(); Permissions::requestAccessibility();
} }
// FDA check is unreliable (no official API), just log a warning
if (!Permissions::checkFullDiskAccess()) { if (!Permissions::checkFullDiskAccess()) {
NSLog(@"Full Disk Access permission not granted."); NSLog(@"Full Disk Access: not detected (may be false negative).");
NSLog(@"Please grant permission in System Preferences > Privacy & Security > Full Disk Access"); NSLog(@"If file access issues occur, grant FDA in System Preferences > Privacy & Security > Full Disk Access");
Permissions::openFullDiskAccessSettings(); // Don't auto-open settings since detection is unreliable
} }
// Create client // Create client