Skip to content

App can’t be opened because the identity of the developer cannot be confirmed

Policy Settings can prevent the execution of unsigned binaries.

MacOS can be set to prevent the execution of unsigned binaries. This is done by pushing a security policy to the system, which is then enforced by the SecAssessment subsystem.

Of course, you can still install XCode and compile binaries locally, and even execute them. You can also code in interpreted languages such as the local Python, and call system functions from there, so the policy is only of very limited use in locking down the system.

Adium download is unsigned

So while the security value of that policy guideline is extremely questionable, the annoyance factor is quite high.

With Sudo

Turns out, with sudo you can simply disable the security policy engine.

In a terminal, “man spctl” to read up on the spctl control program for the security policy engine.

Then run “sudo spctl –master-disable” to turn it off.

Without Sudo

Turns out, without sudo it is even simpler. Checking a files signature is expensive, and checking the signature of a large application that contains very many files is even more expensive. Which is why MacOS is marking files as to-be-checked on download,  and then checking the file once when executing them for the first time.

Unmarking the file will prevent the Security Policy engine from engaging in the first place.

So, downloading a binary to your Mac with a browser will set the “com.apple.quarantine” xattr to the file. You can “xattr Adium.app” to see the keys, and “xattr -p com.apple.quarantine Adium.app” to see the value of the quarantine key.

Simply running “xattr -d com.apple.quarantine Adium.app” without any privilege will remove the Quarantine xattr and the check will never been done.

Or you are downloading the file using wget, curl or the requests library in the local system python. None of these will ever set that xattr in the first place.

Published inAppleHackerterrorcybercyber

9 Comments

  1. Rainer Peter Feller

    Security by obscurity.
    On the long term, never turns out as secure.

  2. Ingo Schildmann

    I think the idea is just to prevent that your computer-half-illiterate relative installs malware by accident and not by intention.

  3. Peter

    You forget it’s Apple not Linux, just right click file, select open, a “are you sure” question appears, confirm, finished and file opens…

  4. Peter

    I had the same warning with Adium.app
    Right click workaround solved it. Maybe you hardenend your Mac. I use it mostly like it was out of the box.

    • Peter

      btw I have the second option in security preferences selected: app store and certified developers

  5. dwayne

    worked like a charm

Leave a Reply

Your email address will not be published. Required fields are marked *