Window Overview
Is mainly about entering in the Privacy messages for accessing these folders or volumes. Modern versions of the macOS won't allow an application to access these locations unless the Privacy message are set.
When "Read" is selected, it allows the application to display a "Open File" dialog. When "Write" is selected, the application can display a "Save File" dialog.
When "Read" is selected, it allows the application to read files in these locations. When "Write" is selected, the application is allowed to write to files in these locations.
When "App" is selected it allows the app to create Application referenced Security-Scoped Bookmarks, which enables the application to save "access permissions" for files and folders. Only this application can read these bookmarks.
"Doc" allows the app to create Document specific Security-Scoped Bookmarks, which enables any application that can read the document, to have access to the files or folders referenced by these bookmarks.
When the options are selected, it allows the application to access this data when the application is Sandboxed1, or to request access to this information when it is not. The matching Privacy usage message must be filled in.
Automatic access to this data may change in the future, please make sure matching Privacy fields are filled in, in case Apple change their minds.
These options govern how the application utilizes network access. The App Sandbox options are required for Sandboxed applications, but are expected to become required otherwise.
These options are for both App Sandboxed and Hardened Runtime, please fill in the corresponding Privacy message when selecting options.
You may need to select the "Audio" entitlement in order to play back video or audio, not just for recording.
Lists options to disable certain security mechanisms that are enabled with the "Hardened Runtime" protocol.
For help figuring out which options your application may require please read Hardened Runtime Issues
Hardened Runtime increases the time it takes to code sign an application as it forces Apple's code signing tools to connect to Apple, it seems it must be done for each and every single file that is code signing.
Make sure that the debug application launches before disabling this option.
Select the "Use Apple Script to control other applications" checkbox and enter in a Privacy message.
If the application is Sandboxed, you're also required to provide a list of the applications that this application will control.
The use of Apple Script in apps sold via the App Store is discouraged. Tim Apple sees Apple Script as security risk. It is still allowed under certain circumstances.
No overview available
Application groups allow modern security focused apps to share data via a unique folder.
To use Application groups in a Xojo app, you'll need to add code.
Use the "+" button in the top right hand corner of the section to add identifiers. They typically start with team id from the code signing certificate. If you enter in "$(certTeamID)", App Wrapper will automatically replace this during wrapping.
Click on the "-" icon next to the group that is to be removed. Confirm it is to be removed. This option is not undoable.