diff --git a/content/posts/macos/Security Features of macOS b/content/posts/macos/Security Features of macOS index 9a08369..2511508 100644 --- a/content/posts/macos/Security Features of macOS +++ b/content/posts/macos/Security Features of macOS @@ -42,4 +42,10 @@ Check if an app is using the Hardened Runtime before running it with the command codesign --display --verbose /path/to/bundle.app ``` -You will see `flags=0x10000(runtime)` if it's enabled. \ No newline at end of file +You will see `flags=0x10000(runtime)` if it's enabled. + +## Gatekeeper + +[Gatekeeper](https://support.apple.com/guide/security/gatekeeper-and-runtime-protection-sec5599b66df/web) stops you from running apps that aren't notarized. Notarization is a process by which app developers submit their app to Apple to scan for malware and ensure it meets certain requirements. Among these are that it is signed with a key provided by Apple to the developer and that the Hardened Runtime is enabled. It's also scanned for malware. Gatekeeper also prevents the loading of unwanted plugins with benign apps by opening apps from randomized, read-only locations. + +While the Gatekeeper warning can be easily bypassed by control + clicking on the app and clicking open, it's useful since it presents an unavoidable warning when you try to run an app for the first time that's not downloaded from the App Store. \ No newline at end of file