diff --git a/safesocket/safesocket_darwin.go b/safesocket/safesocket_darwin.go index fbcd7aaa6..f6e46bc50 100644 --- a/safesocket/safesocket_darwin.go +++ b/safesocket/safesocket_darwin.go @@ -37,14 +37,16 @@ type safesocketDarwin struct { sameuserproofFD *os.File // file descriptor for macos app store sameuserproof file sharedDir string // shared directory for location of sameuserproof file - checkConn bool // Check macsys safesocket port before returning it - isMacSysExt func() bool // For testing only to force macsys + checkConn bool // Check macsys safesocket port before returning it + isMacSysExt func() bool // For testing only to force macsys + isSandboxedMacos func() bool // For testing only to force macOS sandbox } var ssd = safesocketDarwin{ - isMacSysExt: version.IsMacSysExt, - checkConn: true, - sharedDir: "/Library/Tailscale", + isMacSysExt: version.IsMacSysExt, + isSandboxedMacos: version.IsSandboxedMacOS, + checkConn: true, + sharedDir: "/Library/Tailscale", } // There are three ways a Darwin binary can be run: as the Mac App Store (macOS) @@ -66,6 +68,10 @@ func localTCPPortAndTokenDarwin() (port int, token string, err error) { ssd.mu.Lock() defer ssd.mu.Unlock() + if !ssd.isSandboxedMacos() { + return 0, "", ErrNoTokenOnOS + } + if ssd.port != 0 && ssd.token != "" { return ssd.port, ssd.token, nil } diff --git a/safesocket/safesocket_darwin_test.go b/safesocket/safesocket_darwin_test.go index 80f0dcddd..465ac0b68 100644 --- a/safesocket/safesocket_darwin_test.go +++ b/safesocket/safesocket_darwin_test.go @@ -17,6 +17,7 @@ import ( func TestSetCredentials(t *testing.T) { wantPort := 123 wantToken := "token" + tstest.Replace(t, &ssd.isSandboxedMacos, func() bool { return true }) SetCredentials(wantToken, wantPort) gotPort, gotToken, err := LocalTCPPortAndToken() 
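Review bot: The new hook is spelled `isSandboxedMacos` while the function it defaults to is `version.IsSandboxedMacOS`. In both the `safesocketDarwin` field and the `ssd` initializer I would name it `isSandboxedMacOS`, so the hook and its default share one casing. The field comment could also name the production default rather than only the test use, e.g. `// reports whether this is a sandboxed macOS build; version.IsSandboxedMacOS in production, replaced in tests`. The struct definition begins above the hunk, so its remaining fields are not visible here.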
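Review bot: The new guard in `localTCPPortAndTokenDarwin` runs before the cached `ssd.port`/`ssd.token` check, so credentials stored through `SetCredentials` are silently ignored whenever `isSandboxedMacos()` reports false. `TestSetCredentials` now has to force the hook to true, which suggests this is the intended behaviour. If so, state it at the guard, e.g. `// Non-sandboxed builds never return the local port/token, even if SetCredentials was called.`, and mention the `ErrNoTokenOnOS` return in the function's doc comment. It is also worth confirming that `version.IsSandboxedMacOS` is true for every process that previously obtained a token through this path, since those callers now get an error instead of a credential. The function body continues past the end of the hunk.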
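Review bot: Both updated tests (`TestSetCredentials` here and `TestInitListenerDarwin` in the next hunk) pin `isSandboxedMacos` to true, so the branch this commit adds is never exercised. That branch returns `ErrNoTokenOnOS` when the hook reports false, and it decides whether the local port and token are handed out at all, so it deserves a negative test of its own. The test should set a port and token and check that none of it comes back. The sketch below sets the fields through `tstest.Replace` so the package-level `ssd` is restored afterwards; it needs `errors` imported in the test file if it is not already.

```go
func TestLocalTCPPortAndTokenNotSandboxed(t *testing.T) {
	tstest.Replace(t, &ssd.isSandboxedMacos, func() bool { return false })
	// Cached credentials must not be returned outside the sandbox.
	tstest.Replace(t, &ssd.port, 123)
	tstest.Replace(t, &ssd.token, "token")

	port, token, err := localTCPPortAndTokenDarwin()
	if !errors.Is(err, ErrNoTokenOnOS) {
		t.Fatalf("err = %v, want ErrNoTokenOnOS", err)
	}
	if port != 0 || token != "" {
		t.Fatalf("got port=%d token=%q, want zero values", port, token)
	}
}
```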
@@ -37,6 +38,8 @@ func TestSetCredentials(t *testing.T) { // returns a listener and a non-zero port and non-empty token. func TestInitListenerDarwin(t *testing.T) { temp := t.TempDir() + tstest.Replace(t, &ssd.isSandboxedMacos, func() bool { return true }) + ln, err := InitListenerDarwin(temp) if err != nil || ln == nil { t.Fatalf("InitListenerDarwin failed: %v", err)