In macOS Catalina, Apple has introduced a whole new permissions system so that applications cannot access system files or user files by default. In order for Kolide to properly function, it needs to be granted explicit full disk access.
Why does Kolide need full disk access?
Kolide needs full disk access to perform the following tasks:
- To list other apps that also have disk access that may not need it.
- To inspect system files that give us a better understanding of the security of the device.
- To look for evidence of plain text credentials in your downloads, documents, and desktop folders.
- Finally, to read the file name of our installation package to assist with user-to-device association.
Kolide takes having full disk access to your mac very seriously and will never transmit the content of your personal files to our server.
If there are questions or concerns about this, please contact us at firstname.lastname@example.org, or speak with your admin.
Follow the instructions below:
First, click on the Apple icon on the top left corner and select System Preferences.
From here, you will want to go to Security & Privacy.
Once here, click on the Privacy tab, and scroll to Full Disk Access.
In the bottom left corner, click the lock to make changes. This will prompt you for your computer password. Type that in and click Unlock.
Click the '+' button to add a new permitted application:
Now, on your keyboard, press Command+Shift+G.
In the dialog that appears, type in
/usr/local/kolide-k2/bin/launcher and click Go.
This easily finds Kolide's agent (named launcher). Click Open.
Great! Now Kolide is primed and ready. Here is what this will look like:
That's it! You can close this window, and Kolide can now run its security checks. Thank you for your time!