Florian A.1
10 years ago New member | Level 1
Why does Dropbox ask for your computer password
Hi, I just came across this blog post detailing some, shall we say, unorthodox ways Dropbox is circumventing OS X security features and tricking users into sharing their admin password:
http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/
I found the same happened on my system (OS X 10.11.6, Dropbox v9.v.49). Can you explain why you do this?
35 Replies
- Razvan Boxifier 10 years ago Collaborator | Level 10
@Leon N: did you test for the Dropbox Badge (Project Harmony - Microsoft Office integration) feature or the sync badges in Finder? Dropbox uses the accessibility features of the OS for the "Project Harmony" feature.
- Rich 10 years ago
Super User II
They could just as easily have used Apple's APIs
According to the Dropboxer that posted on the other site, they did use Apple's API. Emphasis mine.
We never see or store your admin password. The dialog box you see is a native OS X API (i.e. made by Apple).
Someone else then commented:
To clarify for others: In /Library/DropboxHelperTools, you'll find a folder for each user full of setuid tools which run as root and do various privileged things. I assume that the client is presenting the normal OS X "ask for elevated access" UI and then using that elevated access to configure and install these. (I don't work for Dropbox or anything; I've just been poking around.)
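An added example, not part of the original thread and not Dropbox's code: a shell function for auditing the setuid tools described in the comment quoted above. The path `/Library/DropboxHelperTools` is the one named in that comment; the function name `audit_setid` and its output format are assumptions of this example.

```shell
#!/bin/sh
# audit_setid DIR: report every setuid/setgid regular file under DIR as
#   FLAG<TAB>OWNER_UID<TAB>MODE<TAB>PATH
# ROOT-SETUID = setuid bit set and owned by uid 0, i.e. the program runs
# as root for any user who is allowed to execute it.
audit_setid() {
    dir=$1
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    # -perm -4000 matches the setuid bit, -perm -2000 the setgid bit.
    find "$dir" -type f \( -perm -4000 -o -perm -2000 \) -print |
    while IFS= read -r f; do
        # ls -n prints numeric ids: mode, link count, uid, gid, ...
        ls -lnd "$f" | {
            read -r mode links uid rest
            case $mode in
                ???[sS]*)   # 4th character of the mode string is the setuid slot
                    if [ "$uid" = 0 ]; then flag=ROOT-SETUID; else flag=SETUID; fi ;;
                *)  flag=SETGID ;;
            esac
            printf '%s\t%s\t%s\t%s\n' "$flag" "$uid" "$mode" "$f"
        }
    done
}

# Run against the directory named in the comment, if it exists on this system.
if [ -d /Library/DropboxHelperTools ]; then
    audit_setid /Library/DropboxHelperTools
fi
```

Lines flagged `ROOT-SETUID` are the ones worth reviewing: compare their owner, mode and modification time against what you expect the installer to have placed there.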
- Rich 10 years ago
Super User II
Anything else I should test?
Razvan's got it. It's not the green check or blue sync badges that go over your files. It's the Dropbox Badge feature formerly known as Project Harmony that uses accessibility features. This is used to notify you when another user opens a file that you're in, updates your document to the latest version when someone else makes a change to it, etc.
- Marco P.10 10 years ago New member | Level 1
There is no excuse for dropbox to re-add itself, especially after you removed the application. They are hacking users and hurting them.
- Sebastian S.13 10 years ago Explorer | Level 4
Exactly! When the user removes the permission, DB should at least ask for it again. And if it's not given (which you can only do on first install or by following the instructions of the author of the post), DB shouldn't be asking for it every time the system reboots, especially when everything works just fine without those permissions.
Looking forward to this "feature" being removed in the near future. In the meantime my files go somewhere else.
- Leon N. 10 years ago Helpful | Level 5
I've never heard of Project Harmony and don't use integration with MS Office, so I guess that's why I haven't had a problem.
I see that Dropbox has created a help article about this. Still, the approach doesn't sit well with me. I can understand that certain elevated permissions are required for some features. Dropbox is the kind of tool that needs to be integrated into the OS to provide all of the capabilities that it does. The way it goes about this is what concerns me.
It needs to be clearer about what it needs permissions for. For example, I don't recall seeing any notice that the app would automatically update itself. Every other app I use that has an autoupdate function (including macOS) asks if I want auto updates. There are very good reasons to give the user control over this function (being on a low bandwidth connection, needing to test software changes before using them in production, etc.). Also, if accessibility is only required for MS Office integration, ask if I want to use it rather than installing it and changing accessibility settings. There could be very good reasons why I wouldn't want the integration.
Dropbox also should not give itself the ability to make changes to the system that require elevated privileges without prompting. If I remove a feature like accessibility, Dropbox should not add it back without asking permission. What if a hacker figures out how to hack the Dropbox client into letting malware have the same privileges? This may be a very rare scenario, but how do the ease of use benefits outweigh the security needs? If Dropbox needs access that I took away, it can detect it and prompt me to allow it again, warning me what will break and, if appropriate, letting me keep it off permanently.
- Daniel S.48 10 years ago New member | Level 2
I don't have Office. And even if I did, I wouldn't care about the integration. Dropbox should prompt users specifically for the office integration bit, and if they consent should then do the admin prompt and set up the Accessibility insertion. I still think it's a bad idea, but there's no better solution for cross-app control like that.
At the very least, Dropbox should absolutely not be so pernicious about virally restoring its Accessibility permissions. Like… literally checksumming the SQL injection executable and overwriting it on startup is insane. The only way that executable could get overwritten (but not removed) to something other than what Dropbox created is if a user is actively trying to prevent Dropbox from doing its Accessibility tricks.
I would be a lot more OK with this situation if it were possible to opt out as a user without generating admin prompts every time I start Dropbox. I mean, it's still a massive breach of user trust, but at least it would be a tenable situation. But as things are… Dropbox is basically acting as a virus which hasn't yet done anything with its control of my computer.
- Pad 4. 10 years ago New member | Level 1
"Trust is the foundation of our relationship with hundreds of millions of people and businesses around the world."
https://blogs.dropbox.com/dropbox/2016/06/transparency-report-jul-dec-2015/
I would like a statement from the Dropbox CEO accepting how seriously this behaviour is a betrayal of trust, explaining how Dropbox came to decide that this working in this way was acceptable, and what changes are going to be made to stop similar choices being made in the future.
- Jared N. 10 years ago Helpful | Level 5
My reasons for this are actually true because..:
a) on one hand while the dialog asking for authentication "could" be fake, Apple takes a different view, saying this just cannot happen..
b) many app apps for authentication. not just dropbox as valid reason
and
c) The fact dropbox appears in accessibility, puts the fear into everyone thinks the whole thing it's a phish attempt..
oh ya ..and
d) the dialog is misleading... (you can argue this for anything)