Access to ~/Library/Containers/com.apple.mail/Data/ denied

filesystemmojaveSecurity

Since installing Mojave, I can no longer access ~/Library/Containers/com.apple.mail/Data/:

pse@Mithos:~$ ll ~/Library/Containers/com.apple.mail/Data/
ls: DataVaults: Operation not permitted

I've granted Full Access to Terminal in System Preferences, nevertheless the error message remains.

What makes this directory so special and how can I get access?

Best Answer

The DataVaults directory has to do with entitlements. Access is prevented unless the owner of the entitlement grants the access. The entitlements for Mail.app can be listed as follows and provides an XML plist.

codesign -d --entitlements - /Applications/Mail.app/

At this time, the only other method to acquire access to the directory is to turn off SIP.

For more details on DataVaults see No Entry ⛔️: access controls in Mojave. The section on DataVaults starts off with

Introduced in later releases of High Sierra, and used more in Mojave, are folders to which only Apple’s software has even read access, DataVaults. My account here is largely based on comments generously provided here by an anonymous source, as these don’t appear to have been mentioned anywhere by Apple (not even at WWDC 2018), nor can I find other descriptions.

so it all seems to be kind of mystery still.

Related Question