From 6eea838a89b475ebc5210ab9b845f24f073c92c7 Mon Sep 17 00:00:00 2001 From: kimg45 <138676274+kimg45@users.noreply.github.com> Date: Wed, 14 Aug 2024 14:39:41 -0500 Subject: [PATCH] add apps vs non apps --- content/posts/macos/macOS Security Overview.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/posts/macos/macOS Security Overview.md b/content/posts/macos/macOS Security Overview.md index ff1110b..5643227 100644 --- a/content/posts/macos/macOS Security Overview.md +++ b/content/posts/macos/macOS Security Overview.md @@ -59,6 +59,10 @@ You will see `flags=0x10000(runtime)` if it's enabled. While the Gatekeeper warning can be easily bypassed by control + clicking on the app and clicking open, it's useful since it presents an unavoidable warning when you try to run an app for the first time that's not downloaded from the App Store. +## Apps vs Other Executables + +Gatekeeper, the App Sandbox, and the Hardened Runtime only apply to apps and not other types of executable files, so when installing non-apps, you should be extremely careful. If possible, avoid installing non-app software altogether or install it in a virtual machine. + ## XProtect XProtect is the built-in antivirus software in macOS. Like all AV, it's a last line of defense after all others have been bypassed.