Open in app

Sign in

Write

Sign in

Mastodon

Snake&Apple IX — TCC

Introduction to Transparency, Consent, and Control on macOS

Karol Mazurek
18 min read5 days ago

INTRO

Welcome to another article in the series on macOS security internals!

Transparency, Consent, and Control (TCC) is the final layer in the Apple App Security mode. Similar to the Sandbox, it aims to mitigate the threat of malware running successfully on macOS. However, there is a distinction between them. TCC manages access to user data (through user consent), while the Sandbox controls app behavior (via system-imposed restrictions).

These two mechanisms work together. For example, an app must first have the appropriate entitlement in the sandbox profile if it wants to access the camera. TCC only prompts the user that the app wants to access the camera.

This article will examine TCC components, such as its daemons, databases, permissions dialogs, entitlements, and where to find related APIs.

The table below summarizes all of the subjects described in this article:

Please note that some topics have been intentionally omitted and will be addressed in future articles. However, leave a

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app
Or, continue in mobile web

Already have an account? Sign in

Karol Mazurek

1.2K Followers

Offensive Security Engineer 🍎 BIO: https://github.com/karmaz95

More from Karol Mazurek

See all from Karol Mazurek

Recommended from Medium

Lists

Coding & Development

11 stories908 saves

General Coding Knowledge

20 stories1751 saves

Predictive Modeling w/ Python

20 stories1677 saves
Breaking News: Tim Cook unveils Vision Pro headset in Apple’s most significant launch since iPhone

Apple's Vision Pro

7 stories80 saves
See more recommendations

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams