After installing the GlobalProtect app on MacOS Catalina, why does the user receive popups requesting for access to local folders when attempting to connect?

After installed the GlobalProtect app on MacOS 10.15 Catalina, the user receive popups requesting for access to local folders when attempting to connect.





Why does GlobalProtect request permission to access these local folders?

• Palo Alto Firewalls.
• GlobalProtect Apps.
• MacOS 10.15 Catalina
• PAN-OS 7.1, 8.1, 9.0, and later
• GlobalProtect App 5.0.4 and later

When the GlobalProtect application connects to the portal it will start a hip data collection via OPSWAT. This triggers a permission request for ~/Downloads, ~/Desktop, ~/Documents, and other folders.

Some conclusions are listed below:

1. GlobalProtect never had  the permissions for those folders.
2. To get rid of those popups, one can disable the hip data collection in the portal configuration.
3. If the hip data collection is required, but have concerns about those permission requests, disallow them.
4. As for the reason why just these specific folders' (~/Downloads, ~/Desktop, ~/Documents) permissions are requested when the scanning happens, it should be a MacOS issue. The customer should see some similar behaviors happen on other apps. If the customer does not want to see those popups, they can file issues to Apple or OPSWAT.