We need to scan newly created or modified files for malware. To achieve this, we added a plist file in the /Library/LaunchDaemons directory and intended to use a daemon process to perform the scans. However, we have encountered an issue where the daemon process cannot access files within Home subfolders such as ~/Downloads/ and ~/Documents/.
When running the process as a user, it fails to scan some files due to lack of read permissions. Conversely, when running the process as root, it cannot scan files in the Home subfolders due to privacy restrictions.
Could you please advise on the best approach to achieve this configuration?