Apple Script TCC Bypass

Euwanh
New Contributor III

Hi All,

I was just wondering if the following was possible: I would like to use JAMF to remove the kTCCServiceAppleEvents entitlement of Script Editor.

I have tried to use this guide https://learn.jamf.com/bundle/jamf-school-documentation/page/Privacy_Preferences_Policy_Control.html but am not having any luck. I have put the identifier as

com.apple.ScriptEditor2

and the Code requirement as

identifier "com.apple.ScriptEditor2" and anchor apple


Any help would be appreciated. 

 

2 REPLIES

mm2270
Legendary Contributor III

I highly recommend downloading and using Jamf's PPPC Utility (found here) to create such PPPC profiles. It takes a lot of the guesswork out of what settings are needed. When you open the application, you can add any existing app on the Mac you're using it on by clicking the little + icon in the bottom left. Just find the app you want to grant the PPPC access to, to add it in, then use the GUI options to set up the access.

Euwanh
New Contributor III

I have tried creating a custom configuration profile using the following. It still does not work. Am I missing something?

Preference Domain - com.apple.ScriptEditor2

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>PayloadDescription</key>
            <string>Restricts Apple Events for Script Editor.</string>
            <key>PayloadDisplayName</key>
            <string>Privacy Preferences Policy Control</string>
            <key>PayloadIdentifier</key>
            <string>com.myorganization.scripteditor.appleevents</string>
            <key>PayloadOrganization</key>
            <string>MyOrganization</string>
            <key>PayloadScope</key>
            <string>System</string>
            <key>PayloadType</key>
            <string>com.apple.TCC.configuration-profile-policy</string>
            <key>PayloadUUID</key>
            <string>12345678-1234-1234-1234-1234567890AB</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>Services</key>
            <dict>
                <key>AppleEvents</key>
                <array>
                    <dict>
                        <key>Allowed</key>
                        <false/>
                        <key>CodeRequirement</key>
                        <string>identifier "com.apple.ScriptEditor2" and anchor apple</string>
                        <key>Identifier</key>
                        <string>com.apple.ScriptEditor2</string>
                        <key>IdentifierType</key>
                        <string>bundleID</string>
                    </dict>
                </array>
            </dict>
        </dict>
    </array>
    <key>PayloadDisplayName</key>
    <string>Script Editor Apple Events Restriction</string>
    <key>PayloadIdentifier</key>
    <string>com.myorganization.scripteditor.restriction</string>
    <key>PayloadOrganization</key>
    <string>MyOrganization</string>
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadScope</key>
    <string>System</string>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>87654321-4321-4321-4321-210987654321</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
</dict>
</plist>
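
A pre-upload check for a profile like the one posted above, as an added example that is not part of the original thread or of Jamf's tooling: Apple's PPPC payload reference lists `AEReceiverIdentifier`, `AEReceiverIdentifierType` and `AEReceiverCodeRequirement` as required for `AppleEvents` entries, and this Python linter flags entries that lack them. The function names `lint_pppc` and `sample_profile` and the `com.example.receiver` values are assumptions made for illustration.

```python
import plistlib

PPPC_TYPE = "com.apple.TCC.configuration-profile-policy"
BASE_KEYS = ("Identifier", "IdentifierType", "CodeRequirement")
# Keys Apple's payload reference marks as required for AppleEvents only.
AE_KEYS = ("AEReceiverIdentifier", "AEReceiverIdentifierType",
           "AEReceiverCodeRequirement")

def lint_pppc(profile_bytes):
    """Return a list of problems in the PPPC payloads of a .mobileconfig."""
    profile = plistlib.loads(profile_bytes)
    payloads = [p for p in profile.get("PayloadContent", [])
                if p.get("PayloadType") == PPPC_TYPE]
    problems = [] if payloads else ["no payload of type " + PPPC_TYPE]
    for payload in payloads:
        for service, entries in payload.get("Services", {}).items():
            is_ae = service == "AppleEvents"
            for i, entry in enumerate(entries):
                where = f"{service}[{i}]"
                for key in BASE_KEYS + (AE_KEYS if is_ae else ()):
                    if not entry.get(key):
                        problems.append(f"{where}: missing {key}")
                for key in AE_KEYS:
                    if key in entry and not is_ae:
                        problems.append(f"{where}: {key} only valid for AppleEvents")
                if "Allowed" not in entry and "Authorization" not in entry:
                    problems.append(f"{where}: no Allowed or Authorization key")
    return problems

def sample_profile(entry):
    """Wrap one AppleEvents entry in a minimal profile (constructed input)."""
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": [
        {"PayloadType": PPPC_TYPE, "Services": {"AppleEvents": [entry]}}]})

# The AppleEvents entry as posted in the thread.
POSTED_ENTRY = {
    "Allowed": False,
    "CodeRequirement": 'identifier "com.apple.ScriptEditor2" and anchor apple',
    "Identifier": "com.apple.ScriptEditor2",
    "IdentifierType": "bundleID",
}
# Same entry plus placeholder receiver values (constructed, not a real app).
WITH_RECEIVER = dict(POSTED_ENTRY,
    AEReceiverIdentifier="com.example.receiver",
    AEReceiverIdentifierType="bundleID",
    AEReceiverCodeRequirement='identifier "com.example.receiver"')

if __name__ == "__main__":
    for problem in lint_pppc(sample_profile(POSTED_ENTRY)):
        print(problem)
```

The linter only checks key presence; the receiver's real bundle ID and code requirement still have to come from the target app (for example via `codesign -dr - /path/to/App.app`).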