Notes on File System Protection on macOS on 10.14.5 (Mojave)

FDA.md

List of paths, protected by Full Disk Access, on 10.14.5 (Mojave):

/.Spotlight-V100
/Library/Application Support/com.apple.TCC
~/Library/Application Support/MobileSync
~Library/Application Support/CallHistoryTransactions
~Library/Application Support/com.apple.TCC
~Library/Application Support/AddressBook
~Library/Application Support/CallHistoryDB
~Library/IdentityServices
~Library/Calendars
~Library/Messages
~Library/HomeKit
~Library/Mail
~Library/Safari
~Library/Suggestions
~Library/Containers/com.apple.VoiceMemos
~Library/Containers/com.apple.Home
~Library/Containers/com.apple.Safari
~Library/Containers/com.apple.iChat
~Library/Containers/com.apple.mail
~Library/Containers/com.apple.news
~Library/Containers/com.apple.stocks
~Library/PersonalizationPortrait
~Library/Metadata/CoreSpotlight
~Library/Metadata/com.apple.IntelligentSuggestions
~Library/Cookies
~Library/Caches/com.apple.safaridavclient
~Library/Caches/CloudKit/com.apple.Safari
~Library/Caches/com.apple.Safari
~Library/Caches/com.apple.Safari.SafeBrowsing

No_sudo_access.md

List of paths, that we can't access (read) even with root privileges and having FDA:

/private/var/db/fpsd/dvp
/private/var/db/ConfigurationProfiles/Store
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/0/SafariFamily
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/0/com.apple.Safari/SafariFamily
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/0/com.apple.LaunchServices.dv
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/0/com.apple.nsurlsessiond
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/0/com.apple.routined
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/C/com.apple.WebKit.WebContent.Sandbox
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/C/com.apple.QuickLook.thumbnailcache
/private/var/folders/yf/xwbknfl51y74081w2d0cx5380000gn/C/com.apple.WebKit.Networking.Sandbox
/private/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/0
/private/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C
/private/var/folders/zz/zyxvpxvq6csfxvn_n00000y800007k/0/com.apple.nsurlsessiond
/private/var/folders/zz/zyxvpxvq6csfxvn_n00000z000007r/0/com.apple.nsurlsessiond
/private/var/folders/zz/zyxvpxvq6csfxvn_n00000z000007r/0/com.apple.routined
~/Library/VoiceTrigger/SAT

SIP.md

List of paths, stored in /System/Library/Sandbox/rootless.conf–which are protected by System Integrity Protection.

				/Applications/App Store.app
				/Applications/Automator.app
				/Applications/Books.app
				/Applications/Calculator.app
				/Applications/Calendar.app
				/Applications/Chess.app
				/Applications/Contacts.app
				/Applications/Dashboard.app
				/Applications/Dictionary.app
				/Applications/DVD Player.app
				/Applications/FaceTime.app
				/Applications/Font Book.app
				/Applications/Game Center.app
				/Applications/Home.app
				/Applications/Image Capture.app
				/Applications/Launchpad.app
				/Applications/Mail.app
				/Applications/Maps.app
				/Applications/Messages.app
				/Applications/Mission Control.app
				/Applications/News.app
				/Applications/Notes.app
				/Applications/Photo Booth.app
				/Applications/Photos.app
				/Applications/Preview.app
				/Applications/QuickTime Player.app
				/Applications/Reminders.app
				/Applications/Safari.app
				/Applications/Siri.app
				/Applications/Stickies.app
				/Applications/Stocks.app
				/Applications/System Preferences.app
				/Applications/TextEdit.app
				/Applications/Time Machine.app
				/Applications/Utilities/Activity Monitor.app
				/Applications/Utilities/AirPort Utility.app
				/Applications/Utilities/Audio MIDI Setup.app
				/Applications/Utilities/Bluetooth File Exchange.app
				/Applications/Utilities/Boot Camp Assistant.app
				/Applications/Utilities/ColorSync Utility.app
				/Applications/Utilities/Console.app
				/Applications/Utilities/Digital Color Meter.app
				/Applications/Utilities/Disk Utility.app
				/Applications/Utilities/Grab.app
				/Applications/Utilities/Grapher.app
				/Applications/Utilities/Keychain Access.app
				/Applications/Utilities/Migration Assistant.app
				/Applications/Utilities/Screenshot.app
				/Applications/Utilities/Script Editor.app
				/Applications/Utilities/System Information.app
				/Applications/Utilities/Terminal.app
				/Applications/Utilities/VoiceOver Utility.app
				/Applications/VoiceMemos.app
				/Applications/iTunes.app
TCC				/Library/Application Support/com.apple.TCC
CoreAnalytics			/Library/CoreAnalytics
NetFSPlugins			/Library/Filesystems/NetFSPlugins/Staged
NetFSPlugins			/Library/Filesystems/NetFSPlugins/Valid
				/Library/Frameworks/iTunesLibrary.framework
KernelExtensionManagement	/Library/GPUBundles
MessageTracer			/Library/MessageTracer
				/Library/Preferences/SystemConfiguration/com.apple.Boot.plist
KernelExtensionManagement	/Library/StagedExtensions
SoftwareUpdate			/Library/Updates
				/System
MobileAsset			/System/Library/Assets
MobileAsset			/System/Library/AssetsV2
*				/System/Library/Caches
KernelExtensionManagement	/System/Library/Caches/com.apple.kext.caches
*				/System/Library/Extensions
				/System/Library/Extensions/*
UpdateSettings			/System/Library/LaunchDaemons/com.apple.UpdateSettings.plist
MobileAsset			/System/Library/PreinstalledAssets
MobileAsset			/System/Library/PreinstalledAssetsV2
*				/System/Library/Speech
*				/System/Library/User Template
				/bin
ConfigurationProfilesPrivate	/private/var/db/ConfigurationProfiles/Settings
cvms				/private/var/db/CVMS
SystemPolicyConfiguration	/private/var/db/SystemPolicyConfiguration
RoleAccountStaging		/private/var/db/com.apple.xpc.roleaccountd.staging
datadetectors			/private/var/db/datadetectors
dyld				/private/var/db/dyld
timezone			/private/var/db/timezone
*				/private/var/folders
				/private/var/install
				/sbin
				/usr
*				/usr/libexec/cups
*				/usr/local
*				/usr/share/man
*				/usr/share/snmp
# symlinks
				/etc
				/tmp
				/var