I believe Zoom has a very iffy history on Mac's. In the early days it created a permanent background media server that was exploitable. It just kept running even after you'd quit the program itself.
I've got in to the habit of running Zoom sessions in a VM. And only in a VM (virtual machine).
Since then Mac's have got much more secure and require users to actively grant permission to access the file system. As you note.
I still avoid Zoom when ever possible.
There is one available in the App store, VM, that works very well. There is charge for it, but there's also a free version if you install it from the providers website.
UTM runs Linux very well indeed and I've used it for Alpine, Ubuntu and Fedora. I try to install as few as possible programs, even from the app store. If there something I really need that Apple doesn't provide I fire up a VM.
Even then I don't install Zoom, but run it from a sandboxed browser.
On a general note, I think a Raspberry Pi makes a very good companion machine for all those tasks that you might have to complete and helps in avoiding installing lots of software directly on your main devices. A VM and Raspeberry Pi make for a decent addition layer of security.
https://www.digitaltrends.com/computing ... e-for-mac/The exploit was discovered by Patrick Wardle
https://objective-see.org/about.htmlPatrick is a well know Mac security specialist
https://twitter.com/patrickwardleMine offer a privacy focused proxy server, VPN, meta search engine and very stripped down operating system to provide as flat attack service as possible. I even run chaff on occasion.
https://adnauseam.io/ and
https://www.trackmenot.io/ make for very noisy networks. Offering a level of obfuscation.
Personally, I loathe Zoom and Eventbrite.