Can't add applications to "Full Disk Access" list

Hmm... I have a similar problem on macOS Mojave version 10.14.2 (18C54) and I am running ESET Cyber Security version 6.7.300.0, so I am beginning to suspect the ESET anti-virus. My computer is fairly new and a clean install as of July 2018. The System Preferences > Security & Privacy > Privacy settings used to work fine up until about 1 or 2 months ago (around, perhaps, mid-November). Now, whenever I try to add a new program to the Accessibility, Full Disk Access, or other subsections I experience what I believe is the same symptoms as you do: initially I see programs in the subsection pane, I click the lock and enter the admin password to allow me to edit the settings, I click the plus sign and select a program (or alternatively drag-n-drop a program from a Finder window into the pane), and then NOTHING. All of the programs previously listed disappear, and the newly added program still has no rights. The existing permitted programs only reappear upon reboot, although the access for them appears to continue to remain in place even though the disappeared from the preference panel.

I have read that these settings are actually stored in a SQLite database filed named "~/Library/Application Support/com.apple.TCC/TCC.db". This file, however, is protected by default by Apple's System Integrity Protection (SIP) mechanism. In theory, you should be able to list the entries in the database by executing the terminal command: " sqlite3 ~/Library/Application\ Support/com.apple.TCC/TCC.db 'SELECT * FROM access' ". However, SIP will prevent you from doing so even if you use sudo. The only way to actually manipulate the database file is to disable SIP by rebooting into Recovery mode and disabling SIP from there. I did this just to see if my TCC.db file appeared obviously corrupt, and was able to see the database entry detail... but I had no way to tell if it was indeed corrupt. I even tried deleting this file in the hopes that the System Preferences utility would recreate the database file as a brand new blank database. None of that worked. In fact, it just made things worse as I lost most of the program entries within Security & Privacy. So I restored the file from a Time Machine backup, re-enabled SIP, and was back to square one with no improvement whatsoever for my efforts.

However, seeing your post is encouraging... because it definitely gives me ESET as a lead. That sounds like the common denominator for each of us. I will search ESET's support forums or open a ticket with them. I will reply if I find out anything more.

So, the first question I have is: why do you think you need an AV app? I wouldn't trust any company that tries to sell you AV anything for iOS since there is no way a virus can install itself on an iDevice.

Wonderful. I wouldn't allow any AV software within 10 miles of any of my Macs. It would essentially render the built in Mac protection semi- to fully worthless since it demands full disk access. So it hacks your system. And you tell me how it would actually know if an email is a phishing attempt since today's crooks are rather resourceful even spoofing Apple's address. Ditto for "antispam". And, you don't need a second/third firewall: you already have one on your Mac and, if you have a router, that one would be much better anyway. And, I would not use remote management since I would not know if it was safe or if that company would be able to access my device.

I've opened a ticket with ESET and will see what they say. If I'm reading your comments correctly, the solution isn't really a solution, if you have to uninstall ESET... update your preferences... and then re-install ESET. At that point, I would likely consider removing the AV altogether. This seems like a new issue having to do with some combination of Apple and ESET updates.

As for the anti-virus software on a Mac debate, I don't really care to wade too far into that one. My attitude is largely "to each their own" when it comes to AV philosophy. However, I do have a couple of comments; but know that if you care to reply solely on the AV issue I probably won't comment further as I don't want to de-rail the original point of this thread.

First, I've had an ESET product on macOS / OS X for many years (probably around 5 or 6 years, if I recall correctly)... this is the first compatibility / usability issue I have encountered to the best of my recollection. It *has* previously detected and quarantined malware. Most often attachments on unsolicited spam email in my junk folder that would not likely have been clicked upon anyway, but nonetheless were real occurrences. The types vary... admittedly most often some variant of Windows malware, but occasionally I have seen OS X types, and sometimes they are other application or protocol specific. Even if the malware is not macOS specific, or mac application specific, I don't want to be a party to transmitting or forwarding malware for other platforms.

Second, no platform is 100% immune to malware. It largely comes down to market share and "biggest-bang-for-the-buck" calculations on the part of hackers. Windows is a bigger market, so historically Windows has been a bigger target. Yes, Apple has Gatekeeper, app sandboxing (for App store apps), and other malware prevention techniques. But Apple isn't infallible. For some statistics see for example... https://www.cvedetails.com/vendor/49/Apple.html versus https://www.cvedetails.com/vendor/26/Microsoft.html based off of the official data at http://cve.mitre.org. The numbers for Apple, and macOS / OS X specifically, are not zero.

Finally, macOS / OS X is not the same as iOS. So comparisons between the two aren't necessarily accurate. I would largely agree that AV is unnecessary on iOS... as the sandboxing is enforced far more stringently in the iOS app store versus the macOS app store (well, MAS also enforces sandboxing as a requirement but there appear to be more rights elevations / escalations necessary for various categories of general purpose computing as opposed to iDevice software). Indeed, all iOS apps have to come from the app store, where that is not the case with Mac... nor would I argue should it be the case. Directly downloaded apps are generally not sandboxed to the best of my knowledge.

Ok, I now understand what you were saying... you need to roll-back to a version of ESET prior to 6.7.x.x. I've rolled back to 6.6.300.1 and I believe it is working correctly. For others that may be having this issue and need additional detail, this is the response I received from ESET technical support:

Hello,

Thank you for contacting ESET North America Technical Support.

We apologize for the inconvenience, the issue you're currently experiencing is a known bug that our developers are currently fixing. For now a workaround would be to install ESET Cyber Security Version 6.5. You can follow the forum post regarding this issue via the link below:

https://forum.eset.com/topic/17661-cyber-security-is-blocking-my-systems-accessibility-features-in-security-and-privacy/

For version 6.5 of ESET Cyber Security you can use the link below, please uninstall the current version of ESET before attempting to install the previous build.

https://eset.sharefile.com/share/view/s7f565bb16c144a48

Thank you for using ESET security products,

ESET Technical Support

North America

Finally, macOS / OS X is not the same as iOS

Yes, most everyone knows that (and I do run both, including Mac OS on one of my bootable clones of Mavericks for my video work). However, it has been discussed on various forums that Apple appears to be slowly melding the two with some form of iOS being the result. To me, that is good news; the less you are able to mess/hack the original OS, the less one needs to worry about issues. The walled garden has its advantages. I avoid third party anything that messes with the system and I've only gotten one malware redirect attempt (MacKeeper) which did render the device useless at the time (unless I paid them money to "fix" my "8,573 viruses". That was 5 - 6 years ago. I never open attachments (or some emails, for that matter) unless I know the source. And, obviously, I do not do Windoze, nor do I attempt to download anything unless it is from a known developer or the app store and I pay for whatever I do download.

Considering that, I feel AV software or a so called "cleaning" app would be superfluous and may cause a problem.

I can not attach application in accessibility