This macOS app needs to access a file which is located in a custom dot folder (~/.folder/file)
but it is not clear how this should be done. Below are a few options I have considered.
Request Permission
Have the app request permission from the user with the path predefined. Then I expect I would need a security-scoped bookmark to retain access across app launches. Is it possible to predefine the path or does the user have to use a Finder window to select the file?
Agent
An agent could read the file and use XPC to communicate with the app. Perhaps this may have different access than a full a macOS app though there are not examples which I could follow for this use case.
Command Line Tool
The app installer could include a tool which the macOS app runs via shell and it would have the access that is needed. It would output JSON to stdout which can be read in with Swift/Codable. Using a shell to run a command may not allow access though. It would likely have the same restrictions as the app itself.
Access to a single file is all I need for now. I would like the option to access all contents of a folder for other use cases, so any API which allow that to work would be appreciated as well.
What is the best way to do this?
Related:
Another option I am considering is having the certificate which is stored in this file copied into a keychain item which could be accessed with a keychain access group. Then Mac apps can access it and monitor it for changes.