Answer: Because modern-day Apple has subscribed to a particular brand of mitigation for the "noobs will always click 'Allow' especially if you ask them to first" problem. The mitigation is that Apple just dumps you on step 2 of a little 4-5 step mini sysadmin adventure where you prove, every time, that you're sophisticated enough to deserve an exception to the padded-cell walled garden mode they've sealed off 'for your safety.'
As a complete nerd, you'd think maybe I'd like that I can prove my skills like this, but it comes off as deeply disrespectful to me as the user that I can't disable this.
What's my solution to prevent grandma or a 10-year-old from clicking "Allow full filesystem access and keylogging" to an executable she downloaded from facebook-security-center-and-password-verification-cgi-bin-ab383 dot xyz? IDK, that's their problem, but they should offer a way for those of us who aren't clueless to turn whatever it is off.
You seem to have understood the problem. But then you didn't follow. If there was a way to disable this, first thing that the grandma would do is watch a video how to disable that and lose security from then on.
Of course it is not perfect, but their approach here is really decent. And also, if you find yourself needing to go through that often I think that's not a good sign security-wise.
On the flip side, many websites ask if I want to allow notifications. I almost never do. I was looking at settings recently and surprised how often I’d clicked yes by accident (maybe about 5% false click rate?)
It’s used for writing keyloggers.
That’s it. It’s the permission that lets you write a keylogger. It SHOULD NOT be just a click away. It should require some extra song and dance, because this is an especially dangerous permission, and the extra friction is justified.
I'm not sure if it's what you're asking for, but you can disable SIP:
https://developer.apple.com/documentation/security/disabling...
But do that and the very next thing that happens when you try to open a browser or a link in an email?
"Your browser has been changed from Safari to Chrome. Would you like to use Safari or keep using Chrome?" and for a little salt, the default is "Use Safari".