
How Dropbox Hacks Your Mac

(applehelpwriter.com)
1037 points | 8bitben | 1 comments
tomku No.12463685
Non-clickbait title: "How Dropbox uses the root access that you give it during installation to give itself Accessibility authorization without triggering the usual popup".
replies(7): >>12463788 #>>12463995 #>>12464020 #>>12464453 #>>12464504 #>>12466157 #>>12468163 #
hyh1048576 No.12463788
Great summary. But it's still some kind of hack.

If every app I installed did this, then my Mac is closer to getting hacked.

Anyway, apps that ask for the root password on installation always make me cringe, e.g. they could turn on SSH and put a pubkey into authorized_keys, or they could upload SSH identity files. But I still proceed to enter my password.

replies(2): >>12463814 #>>12463870 #
koolba No.12463870
> Anyway, apps that ask for the root password on installation always make me cringe, e.g. they could turn on SSH and put a pubkey into authorized_keys, or they could upload SSH identity files. But I still proceed to enter my password.

You don't need root to do any of those things. If you're going to run the SSH server on port 22, sure, but it can be run on any port above 1024 by a regular user in user space.

If you're already running an SSH server, a non-root app can most likely edit your ~/.ssh/authorized_keys file. It's just a regular file, nothing special about a malicious app adding an entry to it.

Think a NAT is going to save you? A malicious program can SSH out and create a reverse tunnel to circumvent it.

Short answer: running anything you don't know or trust is dangerous, root access just makes it more dangerous.

replies(1): >>12464030 #
niij No.12464030{3}
> If you're already running an SSH server, a non-root app can most likely edit your ~/.ssh/authorized_keys file. It's just a regular file, nothing special about a malicious app adding an entry to it.

That file is -rw-r--r--, so only the owner or root can change it, unless I am misunderstanding you?

replies(1): >>12464069 #
sbarre No.12464069{4}
That app is running as you, so it is the owner of the file at that point.
replies(1): >>12469358 #
niij No.12469358{5}
You're absolutely right.
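The exchange above turns on two facts: ~/.ssh/authorized_keys is an ordinary file, and a -rw-r--r-- mode still lets its owner (and therefore any process running as the owner, root or not) rewrite it. The following script is an added example, not code from the thread or from Dropbox; it shows how a defender would audit that file: parse each entry (including option prefixes such as command="..."), flag keys that are not on a known-good allow-list, and confirm that the mode/owner combination really does grant write access to the current user. The sample key material is constructed and the script assumes a POSIX system where os.getuid() exists.

```python
import os
import stat
import tempfile

# Key-type tokens that mark where the options field (if any) ends.
KEY_TYPES = (
    "ssh-rsa", "ssh-dss", "ssh-ed25519",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
    "sk-ssh-ed25519@openssh.com", "sk-ecdsa-sha2-nistp256@openssh.com",
)

# Constructed sample authorized_keys content; the key blobs are not real keys.
SAMPLE = """# constructed sample for the audit below
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleKeyOne user@laptop
command="/usr/bin/backup" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCexample backup@host
"""


def _split_quoted(line):
    """Split on whitespace but keep double-quoted runs (e.g. command="a b") intact."""
    tokens, cur, in_quote = [], "", False
    for ch in line:
        if ch == '"':
            in_quote = not in_quote
            cur += ch
        elif ch.isspace() and not in_quote:
            if cur:
                tokens.append(cur)
                cur = ""
        else:
            cur += ch
    if cur:
        tokens.append(cur)
    return tokens


def parse_authorized_keys(text):
    """Return a list of dicts with options, type, key and comment for each entry."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = _split_quoted(line)
        # Everything before the first key-type token is the options field.
        idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(tokens):
            continue  # malformed line; sshd would reject it as well
        entries.append({
            "options": " ".join(tokens[:idx]),
            "type": tokens[idx],
            "key": tokens[idx + 1],
            "comment": " ".join(tokens[idx + 2:]),
        })
    return entries


def unexpected_keys(text, allowed_keys):
    """Return entries whose (type, key) pair is not in the allow-list."""
    allowed = set(allowed_keys)
    return [e for e in parse_authorized_keys(text) if (e["type"], e["key"]) not in allowed]


def mode_string(path):
    """ls-style mode string, e.g. '-rw-r--r--'."""
    return stat.filemode(os.stat(path).st_mode)


def owner_can_write(path):
    """True if the current user owns the file and the owner-write bit is set.
    Group/other bits are irrelevant: 0644 is fully writable by its owner."""
    st = os.stat(path)
    return st.st_uid == os.getuid() and bool(st.st_mode & stat.S_IWUSR)


def write_sample_file():
    """Write SAMPLE to a temp file with mode 0644 and return its path (helper for demos/tests)."""
    path = os.path.join(tempfile.mkdtemp(), "authorized_keys")
    with open(path, "w") as fh:
        fh.write(SAMPLE)
    os.chmod(path, 0o644)
    return path


if __name__ == "__main__":
    path = write_sample_file()
    print(mode_string(path), "owner can write:", owner_can_write(path))
    known = [("ssh-ed25519", "AAAAC3NzaC1lZDI1NTE5AAAAIExampleKeyOne")]
    for entry in unexpected_keys(SAMPLE, known):
        print("UNEXPECTED:", entry["type"], entry["comment"], "options:", entry["options"] or "-")
```

Run against a real ~/.ssh/authorized_keys by reading the file into `unexpected_keys` with an allow-list you maintain out of band; the owner-write check is the practical answer to the "-rw-r--r--" question, since any program you launch runs with your uid.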