macOS Gatekeeper Security
Cluster focuses on macOS security features like Gatekeeper, code signing requirements, and sandboxing that restrict running unsigned or third-party apps, debating user freedom versus protection from malware.
Activity Over Time
Top Contributors
Keywords
Sample Comments
It depends if you care about this: https://en.m.wikipedia.org/wiki/Gatekeeper_(macOS)
Not by default, not anymore. The developer has to check a box to allow it. If it’s not allowed, macOS won’t run it.
macOS presents a nice model where by default the computer is locked down but you can disable code signing checks to run 3rd party apps at your own risk.
This doesn't appear as true for the latest Apple Silicon macs. They are quite locked down by default
Bypassing Gatekeeper (the binary signing process in macOS) does not seem like a good idea when downloading apps off random websites.
Isn't Apple locking unsigned binaries from being run on macOS?
There is some sandboxing on Mac. For example, there is a bunch of permissions around Full Disk Access that prevents a rogue app from getting full access to all your files without your approval
macOS is trying to keep its systems safe. Can’t leave the back door open for few who were used to it.
This is slippery-slope fearmongeringApple has publicly said that macOS is unacceptably insecure because users have the option of running unapproved software (https://www.theverge.com/2021/5/19/22444353/mac-malware-not-...). It's not unreasonable to think that they'd be interested in
It's because macOS has security measures.