macOS handles some security items in a custom database, which may or may not be SQLite. The official way to interact with such database, outside of Objective-C, is the
/usr/bin/security utility, with the parameter
authorizationdb and specifying the required operation on the class of rights, e.g.
security authorizationdb read system.login.console
Unfortunately, there is no way (that I could find) to simply list all classes. I was trying to uninstall something that might have had references in that db, but I wasn't sure about the class it might be registered under, so I wanted to dump them all.
Luckily I found what looks looks like a comprehensive list of rights. After a quick scraping job with Python, I had a list that I could use like this:
cat osxrights.txt | xargs -I % sh -c 'sudo security authorizationdb read %' | grep -B 10 myAnnoyingItemToRemove
... and the bundle wasn't anywhere, so I could just chuck it.
(Note: had the item been found, I would have had to dump the whole security class to a .plist file with
security authorizationdb read the.class > my.plist , edited the file to remove it, then write it back to the db with
security authorizationdb write the.class < my.plist )