Somehow, and at some point, I believe recently, my system decided to add the com.apple.quarantine attribute to some files. It was quite a pain and was stopping me running scripts that I'd written in my own editor (BBEdit, that I've used without problems for years till the last few days). I located the problem (the xattrs) and added BBEdit to System Preferences > Security & Privacy > Privacy > Full Disk Access. Now new files are okay.
To track down other files I ran /usr/bin/find ~ -xattrname com.apple.quarantine
but there were quite a few files so I redirected it to a file on my desktop.
The file is 130M large.
I notice there are a lot of git object files in there, but there's a ridiculous number of files there. Is this normal? If not, and I'm going to reckon it's not correct, how can I stop this from happening again?
- Should I add, for example,
git
toFull Disk Access
? - Is
Full Disk Access
the correct permission to relieve an app of this burden? - Would I have to do this for all apps that download anything?
- Why would it suddenly become an issue now?
I will fix this by running xattr -rd com.apple.quarantine
DIR but I'm not entirely sure I should run it across ~
even though it's irritated me enough to want it gone from anything, even actual viruses.
This is not a duplicate of What should I do about com.apple.quarantine? because of the scope and context, I would think it normal to have this happen to the odd download, not my entire account (and I haven't checked beyond that yet).
Any help or insight will be gratefully received.
com.apple.quarantine
doesn't just get set for the odd download - it gets set for all files created by quarantine enabled apps, see What causes OS X to mark a folder as Quarantined?. I have thousands of such files - everything I've ever unzipped, caches for Browsers, MS Office, AppStore etc so yes it is normal. As mentioned in the link you can see what added it withxattr -p com.apple.quarantine <your_file>
- is something in particular causing you issues? I doubt granting Full Disk Access to all internet using apps is the best solution.chmod +x
. The best solution is the one that allows me to get on with my work, I'm all for security - but from scripts I wrote?getxattr
, which means that a file having thecom.apple.quarantine
attribute isn't necessarily quarantined. I depends on the contents of that attribute.