Security vulnerability discovered on multi-user macs

For those sharing a mac with others, there is a vulnerability in which non-admin users can gain read-only access to everyone else’s files.

This is achieved by accessing local Time Machine snapshots or forcing the system to create a new APFS snapshot. In turn the attack vector would be either the Terminal with full-disk access enabled or the Finder (that already has implicit full-disk access permission).

Full details here.


Fortunately I’m the only user on my Mac. Wonder how many people are using them as multi-user