Full Disk Access

Is it realistic to expect App Store review approval when requesting Full Disk Access? Under what conditions or use cases is such permission typically accepted by Apple?

You haven't really said how you intend to implement what you call 'Full Disk Access.' I currently have two desktop applications with the 'Full Disk Access' capability with read/write permissions. If that's what you are talking about, your application is allowed to have read and write permissions, as opposed to just 'read' if the application is designed to save files to the disk. So, again,

Is it realistic to expect App Store review approval when requesting Full Disk Access? Under what conditions or use cases is such permission typically accepted by Apple?

I would say 'Yes.' But reviewers are not predictable. I had one desktop application rejected by a reviewer 6 or 7 years ago. His or her reason was, as I recall, the application did not write files to the disk when in fact the application did use NSSavePanel to let the user save files to the disk. I had the rejection reversed soon, but you know... That's how the review process works.

Actually, I may be wrong in my earlier statement. I am not certain how one of my desktop applications has gained the Full Disk Access' status although it has read/write permissions. I have a lot of home-brewed desktop applications with read/write permissions, but they aren't listed in Full Disk Access.

Full Disk Access is a user privacy setting. App Review can't give that to your app. Only your users can give your app Full Disk Access.

Furthermore, Mac App Store apps are sandboxed. That's a separate layer of privacy protection. You have to ask the user to give your app access to a given folder (or root) and then the user would also have to give your app Full Disk Access.

Technically, it is possible. A few years ago, I had an app that did all that in the Mac App Store. I don't remember the relevant App Review communications at the time, but I remember thinking that I was not allowed to ask for Full Disk Access or direct users to it. I had an option in app settings to provide it, but users had to find that on their own. I could give them instructions on the web site, but not inside the app itself.

I can't say what App Review's current policies are. All I can do is relate my own experience. I would also suggest that you're entering into a dangerous area. What kind of data from third party web browsers are you looking for? That's a suspicious Big Red Flag. Merely asking for such access can trigger a closer look at your app.

You might ask, "What's the worst that App Review can do? Reject my request?" No. The worst that App Review can do is kick your app out of the store and you out of the developer program. Apple has over 51 million developers. They don't lose any sleep over terminating 100-400k developers per year. And the #1 category for app removals is "utility".

You're talking about a Mac app. How much money are you really going to make from it? Even if you succeed, it's a horrible user experience.

Thank you very much for your honest advice. I currently publish a macOS utility app that checks browser bookmarks for broken links and allows users to remove those invalid URLs.

Nowadays, major browsers support multiple user profiles, and each profile has its own separate bookmark data. What I would like to implement in the next version is the ability to detect available browser profiles, display them to the user, let the user choose which profile’s bookmarks should be checked, then scan those bookmarks for broken links and optionally delete the invalid ones.

So this is the actual purpose of my app. The files I would like to access are only the profile metadata (profile name information) and the bookmark data files themselves.

Given this use case, do you still think this would be considered too risky or difficult to get approved?

So this is the actual purpose of my app.

But the access you are attempting to obtain would also give you unrestricted ability to read and modify bookmarks, browsing history, image caches, cookies, extension data, etc.

That's very valuable information. And having that access would, in turn, make your app valuable. Even if you only checked for invalid links, you could sell your app, and its Full Disk Access, to some other, less-scrupulous company.

do you still think this would be considered too risky or difficult to get approved?

I'm sorry, but wasn't clear enough before.

I don't work for Apple or for App Review. My opinions have no part in their review. I've already described Full Disk Access as "a suspicious Big Red Flag" and "a horrible user experience".

You asked for advice and experiences. I've provided both.

Thank you for your quick reply and for your additional advice. I’ve decided not to pursue Full Disk Access and will instead move forward with an approach where users explicitly select the folders or profiles they want to work with.

If I run into any difficulties as I continue development, I would greatly appreciate any further advice you may be willing to share.

I think you have your answer here, but I wanted to stress that file system access control is really rather complicated on macOS these days, and I have a general explanation of the subsystems involved in On File System Permissions.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"