diff --git a/.changes/check-permission-on-macos.md b/.changes/check-permission-on-macos.md
new file mode 100644
index 000000000000..f6017de6d929
--- /dev/null
+++ b/.changes/check-permission-on-macos.md
@@ -0,0 +1,5 @@
+---
+"tauri": "patch:bug"
+---
+
+Fix check temporary path permission on macos.
diff --git a/core/tauri/src/api/path.rs b/core/tauri/src/api/path.rs
index 7edd76c3e049..fd7f895e2d95 100644
--- a/core/tauri/src/api/path.rs
+++ b/core/tauri/src/api/path.rs
@@ -293,7 +293,7 @@ pub fn resolve_path<P: AsRef<Path>>(
       BaseDirectory::App => app_config_dir(config),
       #[allow(deprecated)]
       BaseDirectory::Log => app_log_dir(config),
-      BaseDirectory::Temp => Some(temp_dir()),
+      BaseDirectory::Temp => temp_dir().canonicalize().ok(),
       BaseDirectory::AppConfig => app_config_dir(config),
       BaseDirectory::AppData => app_data_dir(config),
       BaseDirectory::AppLocalData => app_local_data_dir(config),
diff --git a/core/tauri/src/endpoints/operating_system.rs b/core/tauri/src/endpoints/operating_system.rs
index 61b11d457232..365cb4059e76 100644
--- a/core/tauri/src/endpoints/operating_system.rs
+++ b/core/tauri/src/endpoints/operating_system.rs
@@ -42,7 +42,7 @@ impl Cmd {
   }
 
   fn tempdir<R: Runtime>(_context: InvokeContext<R>) -> super::Result<PathBuf> {
-    Ok(std::env::temp_dir())
+    Ok(std::env::temp_dir().canonicalize()?)
   }
 
   fn locale<R: Runtime>(_context: InvokeContext<R>) -> super::Result<Option<String>> {
diff --git a/core/tauri/src/scope/fs.rs b/core/tauri/src/scope/fs.rs
index 52bf2d23e380..8b952ba87e5c 100644
--- a/core/tauri/src/scope/fs.rs
+++ b/core/tauri/src/scope/fs.rs
@@ -391,4 +391,27 @@ mod tests {
       assert!(scope.is_allowed("C:\\home\\tauri\\anyfile"));
     }
   }
+
+  #[cfg(unix)]
+  #[test]
+  fn check_temp_dir() {
+    use std::{
+      env::temp_dir,
+      fs::{remove_file, write},
+    };
+
+    let scope = new_scope();
+    scope.allow_directory(temp_dir().canonicalize().unwrap(), true).unwrap();
+
+    let test_temp_file = temp_dir().canonicalize().unwrap().join("tauri_test_file");
+    if test_temp_file.exists() {
+      remove_file(test_temp_file.clone()).unwrap();
+    }
+
+    assert!(scope.is_allowed(test_temp_file.clone()));
+
+    write(test_temp_file.clone(), ".").unwrap();
+
+    assert!(scope.is_allowed(test_temp_file.clone()));
+  }
 }