CLI on Sequoia via ssh - settings.json: operation not permitted

This can be worked around by granting full disk access to every terminal app (iTerm, Terminal, Visual Studio Code, etc)

I'm not sure there's a way around this. It's been like this for me (even without op completion zsh) with both iTerm2 and Terminal for a few macOS versions now. Full Disk Access will likely be needed depending on which directories need to be accessed.

I wish there was a way to make the access controls more flexible (e.g, grant specific applications access to specific directories.) Kind of off topic, but if you find a way to make this work better, please post an update.

I'm having a related problem with local terminals. I have op completion zsh in my profile, so every time I launch a terminal I get a "whatever.app would like to access data from other apps" message, and I assume the same would happen if I removed the op completion zsh line and then tried to use some other op command.

This can be worked around by granting full disk access to every terminal app (iTerm, Terminal, Visual Studio Code, etc), but it would be great not to need to disable the group container file sandbox.

This appears to be some security feature of Sequoia and not directly related to 1Password. I'm unable to access the files under ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/ when logged in via ssh. 😞

Example:

```shell
head -2 ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/Library/Application\ Support/1Password/Data/settings/settings.json
{
"version": 1,

❯ ssh localhost
Last login: Mon Nov 25 23:02:46 2024 from ::1

❯ head -2 ~/Library/Group\ Containers/2BUA8C4S2C.com.1password/Library/Application\ Support/1Password/Data/settings/settings.json

head: /Users/USER/Library/Group Containers/2BUA8C4S2C.com.1password/Library/Application Support/1Password/Data/settings/settings.json: Operation not permitted
```

Ugh. Anyone have a way to work around this?