The Apple API reports a misleading value. However, the ugly hack in my bug report DOES accurately report the true value regarding whether the application can read a file or not. It does this by physically reading the first byte of the file and using try...except to detect a failure. If this hack replaced LazFileUtils FileIsReadable() for MacOS, it would support the write-once compile anywhere nature of Lazarus, with projects that use FileIsReadable accurately detecting that a file could not be read.
Here is the ugly hack:
function IsReadable(fnm: string): boolean;
var
f: file;
b: byte;
begin
result := false;
if not fileexists(fnm) then exit;
if FileUtil.FileSize(fnm) < 1 then exit;
AssignFile(f, fnm);
{$I+}
try
FileMode := fmOpenRead; //Set file access to read only
Reset(f, 1);
if ioresult <> 0 then
exit;
b := 0;
BlockRead(f, b, sizeof(b));
CloseFile(f);
result := true;
except
result := false;
end;
if result then exit;
writeln('Unable to read file (not in sandbox?): '+fnm);
end;