Why are the Posix permissions wrong?
They’re not wrong (-: The issue here is that Apple platforms have multiple levels of access control:
-
Posix permissions
-
ACLs
-
Mandatory access control (on macOS)
-
App Sandbox
The isXxxFile(atPath:) methods are based on access (see its man page) which takes into account all of these. I suspect that SystemData is protected by the sandbox, which is why access is reporting less privileges than the Posix permissions would suggest.
I’m not sure why resourceValues(forKeys:) is return rwx.
Honestly, I don’t lose a lot of sleep on this stuff. If there’s one thing you should take away from the above is that it’s very hard to preflight file system operations. Rather than looking at the permissions to see whether you can do something, you should instead try that thing and then deal with the error.
Share and Enjoy
Quinn “The Eskimo!” @ DTS @ Apple