macOS 15 Sequoia makes you jump through more hoops to disable Gatekeeper app checks

CONTINUA APÓS A PUBLICIDADE

The Mac's Gatekeeper feature has been pushing developers to digitally sign their apps since it was introduced in 2012.
Enlarge / The Mac’s Gatekeeper feature has been pushing developers to digitally sign their apps since it was introduced in 2012.

Apple/Andrew Cunningham

CONTINUA APÓS A PUBLICIDADE

It has always been easier to run third-party software on a Mac than on an iPhone or iPad. Despite the introduction of the Mac App Store a couple of years after the iPhone’s App Store opened, it has always been possible to download and run third-party scripts and software on your Mac from anywhere. It’s one reason why the iPhone and iPad are subject to new EU regulations about software sideloading and third-party app stores, while the Mac isn’t.

That’s not changing in macOS 15 Sequoia, the new version of macOS that’s due to be released to the public this fall. But it is about to get more annoying for some apps, according to a note added to Apple’s developer site yesterday.

“In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn’t signed correctly or notarized,” the brief note reads. “They’ll need to visit System Settings > Privacy & Security to review security information for software before allowing it to run.”

Users (including me) had noticed this behavior in early macOS Sequoia betas, but this note confirms that the change was made on purpose and that the software is working as intended.

What’s changing and what isn’t

To understand what’s changing, it’s helpful to understand how macOS handles third-party apps. Though software can be downloaded and run in macOS from everywhere, Apple does encourage developers to digitally sign their software and send it to Apple for notarization, which Apple describes as “an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly.” Notably, it is not the same as the app review process in Apple’s App Stores, where humans check submitted apps and can refuse to distribute them if they run afoul of Apple’s rules.

Notarization does come with benefits for users—users can be sure that the apps haven’t been tampered with and can run them with minimal hassle from Gatekeeper, macOS’ app-screening security feature. But it creates an extra step for developers and requires the use of a $100-a-year paid Apple Developer account, something that may not be worth the cost for hobby projects or open source projects that don’t generate much (or any) income for their contributors.

Unsigned, non-notarized software will refuse to run in current macOS versions, but it has always been possible to right-click or control-click the app or script you want to run, and then click Open, which exposes an “open anyway” option in a dialog box that lets you launch the software anyway. Once you’ve made an exception for an app, you can run it like you would any other app, unless the software is updated or changes in some way.

The section of the Settings app where you'll need to go in macOS Sequoia to allow unsigned apps to run.
Enlarge / The section of the Settings app where you’ll need to go in macOS Sequoia to allow unsigned apps to run.

Andrew Cunningham

Which gets us to what Sequoia changes. The right-click/control-click option for easily opening unsigned apps is no longer available. Users who want to open unsigned software will now need to go the long way around to do it: first, try to launch the app, and dismiss the dialog box telling you that it can’t be opened. Then, open Settings, go to the Privacy & Security screen, scroll all the way to the bottom to get to the Security section, and click the Open Anyway button that appears for the last unsigned app you tried to run.

This has always been an option for skirting around Gatekeeper, going all the way back to the days when Settings was still System Preferences (and when Apple would let you disable Gatekeeper’s checks entirely, something it removed in 2016). But it takes so much more time that I never actually did it that way once I discovered the right-click trick. Now doing it the long way is mandatory.

I don’t want to oversell how disruptive this is—generally once you allow an app to run the first time, you don’t have to think about it again unless the app is updated or otherwise modified or tampered with. Apple isn’t allowing or disallowing any new behavior in macOS. Popular apps from major developers do tend to be notarized, rendering this change irrelevant. And if this change pushes more developers to sign and notarize their apps, that is arguably a win for user security and convenience.

But for most people most of the time, it’s just going to make a minor annoyance into a medium-size annoyance. And among the conspiratorially minded, it’s going to reignite 12-year-old anxieties about Apple locking macOS down to the same degree that it already locks down iOS and iPadOS.

The macOS 15 Sequoia update is currently available to developers and the general public as a beta, if you’ve signed up for either of Apple’s beta programs. An early iteration of the 15.1 update with some Apple Intelligence generative AI features enabled is also available to developers with Apple Silicon Macs.