INSTALLING AND USING properly signed apps has barely changed in Mountain Lion if you
leave Gatekeeper’s security setting at the default that is, to trust apps from
the App Store and others that are correctly signed. Those that you obtain from
the App Store install without any further ado and run straight off. Installers
and packages downloaded from other sites do undergo proper checking by
Gatekeeper. To get past those checks, the developer needs to have signed both
the download and the app within it. When you try to install the app, Gatekeeper
checks the installation signature, and if that’s acceptable, lets you install
it as normal. The first time you run the app, when it’s still in quarantine,
Gatekeeper checks its code signature when you’ve confirmed in the usual alert
that you do want to run the app. If everything’s in order, the app is brought
out of quarantine so it won’t undergo such checks again.
Gatekeeper for Mac OS X Mountain Lion.
These checks only apply to installation
packages and the apps within them that have been downloaded from the internet,
as that origin marks them out and puts them in quarantine. Although almost
every app and tool you can down-load from the internet works with Gatekeeper, a
few less widely used tools such as curl can bypass it. Installers, packages and
apps that arrive on your Mac from other sources such as optical media, USB
memory sticks and copied across your network, don’t pass into quarantine,
either. However, if the files they contain were marked as being in quarantine
and the transfer preserves that information, they’ll still be subject to
Gatekeeper’s checks when you first open them. Some media such as memory sticks
may not normally preserve quarantine flags.
Unsigned is untrusted
THE MOST COMMON problem that you may encounter with Gatekeeper is that of the
unsigned download and unsigned app within. If you have changed your Gatekeeper
security setting in the Security pane to allow all apps to be run, then you
should still see the normal warnings that have resulted from opening
quarantined items since OS X 10.5. However, you can click straight through
those and the app will install and run with no more than a further warning.
Gatekeeper
setting
With your Gatekeeper settings left at their
default, missing code signatures from an item in quarantine will be intercepted
by Gatekeeper. Double-click the app, for instance, and you’ll be politely
informed that it can’t be opened. You should now think carefully whether you do
really want to trust this app: if you’re confident that its missing code
signature is acceptable and doesn’t indicate that it could be malware, you can
select the app icon in the Finder, open the contextual menu by right- or
Ctrl-clicking and holding, and choose the Open command in that. Gatekeeper will
offer you one last warning alert, but within that you’ll now be offered the
option to open the app. Once you’ve done so, it will come out of quarantine and
can then be started normally as if it were signed.
If there’s a problem with a code signature
perhaps that developer is no longer trusted by Apple, the signature has been
stolen from another app or the integrity of the contents of the app are in
doubt Gatekeeper offers no option to open the app regardless. You should remove
the app immediately and treat it as malware. It’s possible that your download
became corrupted, but that’s an issue that you should report to the developer
as quickly as possible.
