Introduced in macOS Mojave (10.14), Full Disk Access (FDA) is at the heart of macOS privacy and security settings, making it impossible for apps to easily access your content, Calendar, Contacts, Camera, and Microphone. With global data leakages happening daily, you should not ignore this important set of permissions and restrictions protecting your most important data. But what is it and how to enable or revoke it? Keep on reading to find out. 

What is Full Disk Access?

The Full Disk Access (FDA) feature is much like a security check at an airport. When you grant “Full Disk Access” to an app, it is added to the whitelist of applications that are now marked as safe to work with your data. At the same time, all other applications will be greeted with “You Shall Not Pass.” The protected areas that require Full Disk Access permission are your Mail, Messages, Safari, Home, and Time Machine.

Full Disk Access gives access to certain parts of your drive, although it’s not as “full” as the name suggests. For example, it doesn’t give anyone access to your personal files outside of the ~/Library folder. But it does allow access to configuration files, as stated here in this guide from Apple.

What if an app tries to go beyond its allowed zone?

According to Apple, “if your app attempts to access any data that is part of one of the protected categories, the system will automatically terminate it.” And by “terminate,” Apple really means a forced crash.

How to grant Full Disk Access on Mac?

FDA is administered via System Settings > Privacy & Security. Here’s how to give Full Disk Access on Mac:

  1. Click the Apple icon > System Settings.
  2. Go to Privacy & Security > Full Disk Access.
  3. Switch on those apps you want to give access to (or use + to add other applications to the list).
Full Disk Access permissions on Mac

For example, if you need to grant Full Disk Access to Terminal, just find it in the list and enable the permission. If it is not there, click +, type Terminal in the search bar, and click Open > Quit & Reopen. 

How to grant Full Disk Access permission to Terminal

If you want to revoke the Full Disk Access permission, disable the app by switching the toggle to the off position. Alternatively, you can select an app and click the minus (-) button at the bottom of the window. It will remove your unwanted application from this list.

Tip

If you still run macOS Monterey or older, you can find Full Disk Access in System Preferences > Security & Privacy > Privacy. To grant or revoke it, you will need to select or deselect the checkboxes next to the app, respectively.

You can read more about Apple privacy settings in this article from Apple Support.

When should you grant Full Disk Access for an application?

First, if an app comes from a credible developer and you want it to do its job properly. Obviously, a daily scheduler or some app from the “Productivity” category would absolutely need to access your Calendar in order to simply function. On the other hand, if a Chess application asks to access your Mail, you should be concerned about its real intentions.

Normally, credible apps would politely explain why they want to access your disk and specify their activity limits. For example, like disk cleaners or disk backup software, apps from the utility category are designed to analyze your disk contents to do their job properly, so giving them “Full Disk Access” makes sense. But even if you don’t, these apps will still retain much of their functionality, though they will be limited in certain actions. To sum it up, providing “Full Disk Access” is perfectly normal if you follow these 2 main conditions:

  1. An app comes from a trusted source.
  2. The explanation for the Full Disk Access is reasonable.

If you doubt the app’s declared intentions, you can contact the app developers — usually, their response will be quick and to the point.

Tip: To protect yourself against malware, you should opt to use a non-administrative account on your Mac. The standard account, as opposed to an administrative one, doesn’t allow serious system-wide intrusions.

What are Full Permissions and how to give them?

How is Full Disk Access different from standard permissions requests on macOS? Permissions are granted for individual actions, like accessing your Photos, whereas FDA gives unrestricted rights to do multiple operations on your Mac. 

System permissions come in 3 types:

  • Read
  • Write
  • Execute

Permission-protected areas are contacts, microphones, webcam, Mail, remote desktop control, and Calendars. Whenever an app wants to have access to your a, b, c..., it will initiate a standard dialogue box (you’ve seen it a million times) where you can click either “OK” or “Don’t Allow.” In the second case, an app will crash if it attempts to access the restricted areas on your Mac. 

The new reality is that permissions have become an important part of data culture, not just a boring thing to click through. You should rather view permissions as a tool, which means you can grant and revoke permissions when necessary. 

How to fix broken permissions on Mac?

The problem comes when some user permissions get lost or broken. One morning, you may find that you no longer can open a file or access a certain folder on your Mac. Luckily, there is an easy way to fix it.

Corrupted permissions

We usually fix disk permissions with a tool called CleanMyMac, which has a pretty strong reputation within the Mac community.

To fix broken disk permissions:

  1. Start your free CleanMyMac trial — you can test it for 7 days without any limitations.
  2. Click Performance > Scan > View All Tasks.
  3. Select Repair Disk Permissions and click Run.

If you perform the rest of the maintenance tasks, you may even see your Mac running faster and smoother.

How to fix it if Full Disk Access is not showing?

Sometimes, users cannot see Full Disk Access in Privacy & Security settings. First off, make sure that it is not because of the scroll position — in macOS versions later than Ventura, you may need to scroll down to find it. You can also use search at the top of System Settings to find it.

If that is not your case, it may be because of a bug. Restart your Mac, and if the problem has not fixed, check for a macOS update in System Settings > General > Software Update. 

Note

If you are on a work computer, a configuration profile (MDM) might be hiding this setting or managing it automatically, making the manual toggle invisible or disabled. In that case, contact your admin for more information.

How to fix Privacy Permissions not working (Camera and Mic)?

An often-reported issue is camera and microphone permissions not working properly. While Apple’s own apps handle camera and mic perfectly well, many third-party apps (like Skype) end up becoming totally unusable due to missing permissions or “Full Disk Access denied.” In such cases, a dialogue box that requests permission is never displayed for whatever reason. And if a program hasn’t requested permission — you guessed right — there is no way to make it work. What can you do?

  1. Reinstall the app in question.
  2. Add the app to the Full Disk Access folder (see above).

How to deal with macOS privacy changes (and challenges)?

Apple’s decision to harden security requirements on macOS was a long-expected move. During the first days of the macOS Mojave release — the first macOS with tougher security standards — the users faced a swarm of software conflicts linked with macOS permissions. Some have reported their audio apps crashing while attempting to enable microphone access. Still, a stronger grip on security turned out to be beneficial for all of us in the long run.

To save yourself from the misfortune of constantly crashing software, it is recommended that you update all your apps to the latest available versions. The good news is that it no longer means hours of googling. You can use the tool we described above, CleanMyMac, which has a quick built-in Updater module.

  1. Run CleanMyMac (get your free trial here).
  2. Click Applications > Scan > Manage My Applications > Updater.
  3. Select apps you’d like to update and click Update.
applications updater detailed results

This will reduce the chances of your apps crashing, especially after updating macOS.

With another tool — Protection — you can quickly manage all app permissions:

  • Run the Protection scan and click Manage Privacy Items > Application Permissions.
  • Now you can see which app can do what. Apparently, many apps will have more permissions than you thought. Select these apps and click Revoke.

Check other tools in the sidebar, too, to remove any malware that may have sneaked onto your Mac and get rid of any data that may compromise your privacy.

The benefits of using CleanMyMac

  • Comes with 25+ tools to declutter, maintain, and protect your Mac
  • Moonlock engine povering all antimalware features in CleanMyMac successfully passed a quality check by AV-Test, detecting 93.3% of the malicious samples provided in the test
  • MacPaw — the developer behind CleanMyMac — has been in the market for over 17 years

Try CleanMyMac for free — see how easy it is to stay on top of Mac app permissions and privacy threats. 

Final thoughts

Under today’s security standards, users must explicitly authorize an app, i.e. “an opt-in” logic will become prevalent. Previously, malicious programs could simulate consent using the so-called synthetic clicks — a term from a hacker universe. This practice becomes more difficult, but it doesn’t mean “data leaks” will disappear anytime soon.

The described pre-authorization logic is nothing new for iOS users and has gradually become an industry standard. But who would complain about having stronger security on their Mac? Eventually, we’ll get there, even if it means a few more thoughtful clicks on our part every day.

Key takeaways

  • Full Disk Access is a set of permissions allowing apps to access locations on the disk considered sensitive, but "full" is a misnomer since it mainly permits access to the ~/Library folder
  • When to grant it: when you install a reputable third-party tool that does need such a level of permissions to work properly (backup tool, disk cleaner, or antivirus software)
  • When not to grant Full Disk Access: when it is unreasonable (e.g., when games ask for it)
  • Where to manage FDA: System Settings > Privacy & Security > Full Disk Access
  • How to troubleshoot Full Disk Access issues: restart your Mac, update macOS, remove and re-add an app 

Frequently asked questions

Why does an app keep requesting Full Disk Access every restart even after you've already granted it?

It may be caused by a bug in macOS (particularly Ventura/Sonoma), a damaged TCC (Transparency, Consent, and Control) permissions database, or the app's helper tools not having their own permission granted. Re-granting the permission, restarting a Mac, or updating it usually help fix the glitch. To re-grant the permission, remove the app from the list of all apps in Full Disk Access settings using the minus (-) button and re-add it using the plus (+) button to refresh its entry. Do not forget to click Quit & Reopen.

Why do I need to grant Full Disk Access to Terminal? 

By default, Terminal does not have Full Disk Access permission. It is a precaution preventing you from running commands that may break your macOS or executing malicious commands and scripts. If you are absolutely sure how to work with Terminal, you need to grant FDA to it to run commands that may implement system-wide changes. Note that scripts and command-line tools running inside Terminal inherit its Full Disk Access permissions.

Is it safe to grant Full Disk Access, what are the actual risks, and how do you assess whether an app can be trusted?

Granting Full Disk Access on macOS is generally not safe for unknown or untrusted applications, but it is a standard, safe requirement for trusted system tools and third-party apps. So, as long as you download an app from a trusted developer and from their official website or the App Store, you can give Full Disk Access to it.

Should you grant Full Disk Access to Norton, Malwarebytes, or other third-party antivirus software and why do they need it?

Yes, you should generally give Full Disk Access to reputable antivirus software. Such apps need this permission for comprehensive scanning, real-time protection, and effective quarantine. Otherwise, they might fail to complete the scans, detect malware, or remove found threats.

Should XProtect have Full Disk Access, and is it normal to see Apple's own security tools in the list?

Yes, XProtect should have Full Disk Access, and it is absolutely normal to see Apple's own tools in the list, so do not disable it.

What does "fpsaud full disk access" mean and should you allow it?

"Fpsaud" stands for Flash Player Auto Update Daemon (for macOS), a background process designed by Adobe to check for and install Flash updates. You should not allow it Full Disk Access, and ideally, you should delete it entirely. Because Adobe Flash was officially discontinued in 2020, this process is obsolete and, if appearing now, is likely a security risk or malicious fake.