Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
Gatekeeper (macOS)
Gatekeeper is a security feature of the macOS operating system by Apple. It enforces code signing and verifies downloaded applications before allowing them to run, thereby reducing the likelihood of inadvertently executing malware. Gatekeeper builds upon File Quarantine, which was introduced in Mac OS X Leopard (10.5) and expanded in Mac OS X Snow Leopard (10.6). The feature originated in version 10.7.3 of Mac OS X Lion as the command-line utility spctl. A graphical user interface was originally added in OS X Mountain Lion (10.8) but was backported to Lion with the 10.7.5 update.
In the security & privacy panel of System Preferences, the user has three options, allowing apps downloaded from:
The command-line utility spctl provides granular controls, such as custom rules and individual or blanket permissions, as well as an option to turn Gatekeeper off.
Upon download of an application, a particular extended file attribute ("quarantine flag") can be added to the downloaded file. This attribute is added by the application that downloads the file, such as a web browser or email client, but is not usually added by common BitTorrent client software, such as Transmission, and application developers will need to implement this feature into their applications and is not implemented by the system. The system can also force this behavior upon individual applications using a signature-based system named Xprotect.
When the user attempts to open an application with such an attribute, the system will postpone the execution and verify whether it:
Since Mac OS X Snow Leopard, the system keeps two blacklists to identify known malware or insecure software. The blacklists are updated periodically. If the application is blacklisted, then File Quarantine will refuse to open it and recommend that the user drag it to Trash.
Gatekeeper will refuse to open the application if the code-signing requirements are not met. Apple can revoke the developer's certificate with which the application was signed and prevent further distribution.
Once an application has passed File Quarantine or Gatekeeper, it will be allowed to run normally and will not be verified again.
Hub AI
Gatekeeper (macOS) AI simulator
(@Gatekeeper (macOS)_simulator)
Gatekeeper (macOS)
Gatekeeper is a security feature of the macOS operating system by Apple. It enforces code signing and verifies downloaded applications before allowing them to run, thereby reducing the likelihood of inadvertently executing malware. Gatekeeper builds upon File Quarantine, which was introduced in Mac OS X Leopard (10.5) and expanded in Mac OS X Snow Leopard (10.6). The feature originated in version 10.7.3 of Mac OS X Lion as the command-line utility spctl. A graphical user interface was originally added in OS X Mountain Lion (10.8) but was backported to Lion with the 10.7.5 update.
In the security & privacy panel of System Preferences, the user has three options, allowing apps downloaded from:
The command-line utility spctl provides granular controls, such as custom rules and individual or blanket permissions, as well as an option to turn Gatekeeper off.
Upon download of an application, a particular extended file attribute ("quarantine flag") can be added to the downloaded file. This attribute is added by the application that downloads the file, such as a web browser or email client, but is not usually added by common BitTorrent client software, such as Transmission, and application developers will need to implement this feature into their applications and is not implemented by the system. The system can also force this behavior upon individual applications using a signature-based system named Xprotect.
When the user attempts to open an application with such an attribute, the system will postpone the execution and verify whether it:
Since Mac OS X Snow Leopard, the system keeps two blacklists to identify known malware or insecure software. The blacklists are updated periodically. If the application is blacklisted, then File Quarantine will refuse to open it and recommend that the user drag it to Trash.
Gatekeeper will refuse to open the application if the code-signing requirements are not met. Apple can revoke the developer's certificate with which the application was signed and prevent further distribution.
Once an application has passed File Quarantine or Gatekeeper, it will be allowed to run normally and will not be verified again.