MacOS X Security - Is it normal to allow Dropbox.app "to control your computer"?

Hello Gene, I was sufficiently intrigued to pose the question directly to Dropbox Support.

Ticket #3172481: DB: Dropbox app listed under "Allow the apps below to control your computer".

I'm sure there's a perfectly reasonable explanation why Dropbox needs permission to control Mac computers, I'd just quite like to know what it is.

Here is the reply, make of it what you will.

Thank you for writing in regarding the security of your account information. I can certainly understand you wanting to ensure the security of data you have entrusted to Dropbox. I will be happy to explain the measures taken by Dropbox to ensure the security of everyone's account.

Permission to control the computer is just another way of saying that there are certain system permissions Dropbox needs to function, and many of those permissions are to establish secure connections in order to protect the data contained within your Dropbox folders.

Operating system permissions prevent files from being viewed or edited by unauthorized logins. Permissions can be set any number of ways and can be restored manually through a fairly simple process.

Another possible cause of issues with Dropbox arise when conflicts exist between your local network sharing or folder redirection preferences setup in folders or files within your Dropbox. Similar effects can also happen when your Dropbox folder or its system files are located in a mounted network drive or a remote location (like roaming profiles) since this could cause Dropbox to not have constant access or permissions to operate in those locations. This is especially an issue if other people in the network could be accessing the same data. For these reasons, I'd suggest that you ensure that your setup does not include any of the above scenarios.

Additional permissions my be required when syncing mobile devices, particularly when photos or photo albums are involved. Since there is a great deal of personally identifying information stored in the metadata for a photo file (yes, people can find you if they know how to decrypt this metadata), some of the additional permissions required for our Carousel app, for example, include:

iOS

-Contacts
-Photos
-Camera
-Notifications
-Background App Refresh
-Use Cellular Data

Android

-In-app purchases
-Device & app history
-Identity
-Contacts/Calendar
-Photos/Media/Files
-Camera/Microphone
-Wi-Fi connection information
-Device ID & call information

Facebook does not offer a large amount of granularity or retroactive permissions control, so we need to request all the permissions we need or even may need in the future.

I want to reiterate the point that all these steps are taken in order to prevent access to your data, not to facilitate access to your data. Dropbox takes great pride in being a company worth of the trust of our users, and we would never ask you to allow us access with the intent of violating that trust.

I hope this helps clarify our account security measures regarding permissions. Thank you so much for using Dropbox, and please let me know if there's anything else I can help with.