I would blame Apple, or Apple as well. For all their security and privacy circus they still don’t have granular settings like “directory specific permissions” i.e Discord wants to go bonkers? Here’s ~/Library/Discord - take a dump in it if that gets you off, Discord, but you can’t even take a sniff at how it smells in ~/Library/Dropbox and vice versa. I mean it should be setting that if set it’s directory access limit — it can’t change that with anything — in fact it shouldn’t be able to ask for permission to change that, it changes only when you go inside in the settings and change it or add or more paths to its access list.

It should clearly ask for separate permissions if needs to have elevated access as in what it needs to do.

Also what’s with password pop-ups on Macs? I find that unnerving. Those plain password entry pop-ups with zero info that just tells you an app needs to do something more serious - but what’s that serious thing you don’t know. You just enter your password (I guess sometimes Touch ID as well) and hope all is well. Hell not sure many of you know that pop-up is actually an OS pop-up and not that app or some other app trying to get your password in plaintext.

They’d rather fuck you and the devs over with signing and notarising shenanigans for absolute control hiding behind safety while doing jack about it in reality.

I am a mobile dev (so please know that I have written the above totally from an annoyed and confused, definitely not an expert, end user pov). But what I have mentioned above is too much to ask on a Mac/desktop? ie give an app specific, with well spelt limits, multiple separate permissions as it needs them — no more “enter the password in that nondescript popup and now the app can do everything everywhere or too many things in too many places” as it pleases. Maybe just remove the flow altogether where an app can even trigger that “enter password to allow me go on god or semi-god” mode.