How to revoke “Always allow” privileges from an application

command linekeychainpermissionSecurityterminal

The application I have in mind is the security command line tool bundled with Macos. The man page describes it as:

security -- Command line interface to keychains and Security framework

At some point recently I wanted to get a password from my keychain using the command-line. Which is done using the following command:

matt@laptop ~ $ security find-generic-password -a 'foobar'

The first time I ran it I saw the usual Always Allow, Deny, and Allow dialogue. I (foolishly) picked Always Allow and now I can't find how/where to undo that.

I've looked using Keychain Access to see if the security tool appears there but it doesn't. The closest thing I could find was an entry for CommCenter but it was last modified before I ever used the security command.

Best Answer

Launch the Keychain Access Utility and find the entry you used that password:

  • Right click it to bring up its info window
  • Click the Access Control Tab and there you will see a list of applications that have "Always allow access" enabled
  • Highlight the application in the list that you want remove and click the [-] button to remove it from Always allowed access.

Chrome Safe Storage configuration dialogue, Access Control tab

Related Question