Third-party app requires root access

Cat9102 wrote:

Hi,

I’ve recently installed an app from a main gaming company. Whenever the app opens, I notice in Activity Monitor that it starts a process called Background Services that uses root access. To enable this, I get a Mac pop-up asking me to enter my login every time I want to open the app. The process quits a couple of seconds after I close the app.

The app isn’t available on the App Store but it is from a reputable company. I am confident that they don’t have malicious intentions.

My question is whether this root access leaves me vulnerable each time I run the app. Could another party use this to get into my system and do damage? Or is that unlikely/are there sufficient protections within the Mac to prevent any serious problems? Should I be worried, or is this actually OK?

Thanks.

I think you maybe referring to System Setting >> Privacy and Security >> Full Disk Access

Not >> root access <<

Understand that giving Full Disk Access gives the Third Party Application access a user's protected files.

The user named root, or superuser, is a special user account in UNIX-like operating systems that has unrestricted read and write privileges to all areas of the file system in OS X 10.10 or earlier. However, in OS X 10.11 or later, the root user’s write access to certain areas of the file system is restricted.

See the Apple Support article About System Integrity Protection on your Mac.

Cat9102 wrote:

Yes, I turned off the ability for the app to do tasks in the background. I think that restricts the time the background services run, which I actually prefer.

The apps don’t know about that feature. All they know is their app is broken and needs to reinstall the components. That’s why it keeps asking to install. Turning it off will break some apps, but others are just update checkers.

Cat9102 wrote:

Yes, I turned off the ability for the app to do tasks in the background. I think that restricts the time the background services run, which I actually prefer.

Unfortunately some apps require those background processes in order to function. If the app can run without those background processes, then the app itself should provide an option to customize those background processes & tasks.

I have no idea why Apple decided to provide the interface for the "Background Tasks" section of the Privacy & Security System Settings. Apple did not provide any information to app developers on how to code their apps properly to work with this "feature" and even some of Apple's own apps don't handle this feature properly. Just ignore that section completely. If you don't want a background process to run & that app does not contain any configuration options, then either live with it or uninstall the app because turning off the Background feature will just cause that app to be broken or require you to enter your admin password each time as you have discovered.

Do you turn off things in the "Load in Background" list under Login Items? That may be why it asks you every time.

Many things run as root, especially background tasks, like license checking and update checking.

Cat9102 wrote:

Thanks for replying.

I have give the app Full Disk Access as this seems to be required for the app to work properly.

But I think you're right that I mean the user named root. That matches what shows in Activity Monitor. If the root user's write access is indeed protected as you say, then that sounds very reassuring.

Thanks again.

You are welcome

Do come back to the Apple Support Communities ( ASC )  in the future if additional questions may arise.