After installed GlobalProtect app on macOS Catalina, why does the user receive popups requesting for access to local folders when attempting to connect?

After installed GlobalProtect app on macOS Catalina, why does the user receive popups requesting for access to local folders when attempting to connect?

11898
Created On 02/04/20 21:47 PM - Last Modified 03/27/20 23:54 PM


Question
After installed GlobalProtect app on macOS 10.15 Catalina, the user receive popups requesting for access to local folders when attempting to connect.

User-added image
User-added image
User-added image

Why does GlobalProtect request permission to access these local folders?


Environment
  • Palo Alto Firewalls.
  • GlobalProtect Apps.
  • macOS 10.15 Catalina
  • PAN-OS 7.1, 8.1, 9.0
  • GlobalProtect App 5.0.4 and later


Answer
When GP connects to the portal, it will start a hip data collection via OPSWAT. This triggers the permission requests for ~/Downloads, ~/Desktop, ~/Documents, and other folders. Some conclusions are listed below:
  1. Global Protect never had  the permissions for those folders.
  2. To get rid of those popups, one can disable the hip data collection in the portal configuration.
  3. If the hip data collection is required, but have concerns about those permission requests, disallow them.
  4. As for the reason why just these specific folders' (~/Downloads, ~/Desktop, ~/Documents) permissions are requested when the scanning happens, it should be a macOS issue. The customer should see some similar behaviors happen on other apps. If the customer does not want to see those popups, they can file issues to Apple or OPSWAT.


Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POXqCAO&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments