It’s also using the permissions users grant via the OS dialog to edit a SQLite configuration file to put itself on the Accessibility list - although it’s certainly not making it plain that’s what users are granting when they respond to the prompt for their admin password. The intent was never to frustrate people or override their choices.” made by Apple),” he said.Īs to why Dropbox needs admin privileges in the first place, he said: “We check and set privileges on startup - the intent was to make sure Dropbox is functioning properly, works across OS updates, etc. The dialog box you see is a native OS X API (i.e. “We never see or store your admin password. Newhouse also asserted that Dropbox is not viewing or storing Mac users’ admin passwords. We’ve been working with Apple to eliminate this dependency and we should have what we need soon,” he added. “We use elevated access for where the built-in FS APIs come up short.
“We use accessibility APIs for the Dropbox badge (Office integrations) and other integrations (finding windows & other UI interactions).”
To clarify: It is a legitimate OS X dialog with misleading text + they hack around the OS security for accessibility Īddressing criticisms about the scope of the permissions the client requires, Newhouse said: “We only ask for privileges we actively use - but unfortunately some of the permissions aren’t as granular as we would like.