Since you are experiencing sandbox-related errors, it is important that you describe which kind of sandbox-related access your application needs, and which kind of file your application is opening.
Do you want your app to open any SQLite file on the disk? Or only documents created by your app? In this case, are you developing an NSDocument-based app where SQLite databases are embedded inside document bundles, or not? Or are you developing an application that opens a database embedded as a resource in your app (for example, a dictionary app)? Or are you developing an application that creates one unique, shared, database (for example, a Notes.app-like app)?
Do you understand why these pieces of information, as well as your intents, are needed in order to spot the origin your problem? One does not just tick random checkboxes in Xcode until errors go away (I swear I wish it were sufficient )
Besides, you wrote:
It seems it might be the temporary files SQLite creates causing the error.
SQLite uses temporary files indeed. Well, based on the context of your app, your growing knowledge of the macOS sandbox, and your reading of Apple documentation, does this sentence ring some bell to you?
For me, you are on the way to a real understanding of what's wrong. When you have taken the time to gather the required information, the picture will be much more clear, as well as the solution. Please come back with the needed information.
What I am after is the app to create the database at the users specified location that I would get from the Prefs for the app, using $HOME/Documents as a default. However, for my initial testing I want to be able to connect for read/write to a test SQLite DB on my desktop. So, it would not be bundled inside a document bundle.
I printed the temp directory while running the app which is
(witch is really /private)/var/folders/g4/ws52m6lx2776vmpkwvd0b8l00000gn/T/CHCS.GRDBTest/. Nothing gets created in this directory. The path permissions are all rwx for directories and other things write in the T directory (T for TEMP)
So, it does look like I need to add some permissions within Xcode.
All right, thank you for the context! It's much more clear now :-)
I am no sandbox expert, but please follow my reasoning. Sandbox is all about restricting applications from accessing parts of the file system, right? You have already seen dialogs like "App X wants to access your Documents folder - Accept - Deny", right?
Checking "User Selected File" in Xcode applies to files explicitly created by the app, or explicitly selected by the user in an Open dialog box (likely with NSOpenPanel).
Reading this, I think you may want to change your strategy for your initial testing. Maybe just jump directly to NSDocument bundles, so that your app does not fight against the system sandbox.
Now this thread is not about GRDB. It is not about SQLite either. It is about macOS file system fundamentals. The system just won't let your app open a file. It does not matter that this is an SQLite file, or that you use GRDB. You could not even deal with plain text files, or jpeg images, do you see?
This forum is no longer the best place to discuss this topic. You'll find better and more focused answers, from more knowledgeable people, on StackOverflow, or the Apple Developer Forums.
You are on the right track. And we all know this is a lot of information to learn! MacOS file system is... not quite the same as on iOS. Once this beast has been tamed, you'll be able to use GRDB just as on iOS.