Macworld Forums

Mountain Lion: Hands on with Gatekeeper

#1 Macworld

Posted 16 February 2012 - 05:31 AM

Post your comments for Mountain Lion: Hands on with Gatekeeper here
0

#2 hayesk

  Posted 16 February 2012 - 07:12 AM

So if I have a couple of old apps that are exceptions, I have to use the contextual menu to open them? What if I want to use a utility like Alfred, or open a document belonging to said application?

It'd be nice if Gatekeeper could let a user maintain an exception list. I have lots of old apps that I need that may not get updated with certificates. Gatekeeper could even warn me if the app has been modified. It doesn't need a certificate to do that.
0

#3 SuperMatt

  Posted 16 February 2012 - 07:32 AM

Hayesk, since the App will always open once you've opened it the first time, you will only need to do that special opening trick once. Then it seems like it will be automatically added to an exceptions list.
0

#4 meta

  Posted 16 February 2012 - 07:47 AM

"Combine this with the ease of overriding Gatekeeper by using the Open command and it's clear that Gatekeeper in Mountain Lion isn't intended to be some sort of high-security app lockdown"

Yeah, that'll be in the next OS X release.
-2

#5 bastion

Posted 16 February 2012 - 07:52 AM

 SuperMatt, on 16 February 2012 - 07:32 AM, said:

Hayesk, since the App will always open once you've opened it the first time, you will only need to do that special opening trick once. Then it seems like it will be automatically added to an exceptions list.


It's not that it's added to an exceptions list. It's that the quarantine flag is removed from the file. I'm not sure if the article was edited after Hayesk's question was posted, but it's noted there now that this mechanism only affects applications that have come into the system through some mechanism that applies that flag and only when that flag (which is cleared on first run as long as the program is on writable media) is set.

So if you've got something distributed on physical media it's exempt.
If you've got a program you built yourself it's exempt.
If you've got a pre-existing program acquired by any means which has been run already it's exempt.

On the other hand, if you download a read-only disk image and run the program from there instead of copying it to your drive you'll get prompted on every launch.

What this is actually doing is making the existing "first launch" warning for downloaded apps less onerous. You've now got the option of preemptively approving anything from someone who took 5 minutes to get a code signing certificate from Apple. Look for the vast majority of developers to get said certificate as soon as they can, which means you'll be prompted much less often which means you're less likely to develop the habit of reflexively clicking the Allow button every time the dialog shows up.
0

#6 jdb8167

Posted 16 February 2012 - 08:56 AM

 meta, on 16 February 2012 - 07:47 AM, said:

"Combine this with the ease of overriding Gatekeeper by using the Open command and it's clear that Gatekeeper in Mountain Lion isn't intended to be some sort of high-security app lockdown"

Yeah, that'll be in the next OS X release.

Did you also say this before the release of Lion? Many did and they were all wrong just like you will be wrong about the next release. Apple needs to sell a general purpose computer or cede a large portion of the PC market to Windows and Linux. They won't do that. Locking down OS X so it can't run unapproved applications prevents a Mac from being a general purpose computer. The advantage that traditional PCs have is that they can handle situations that the designers haven't thought of. There are just too many of those to lock down the computer in a way that users would find acceptable. This is different than iOS devices which are much more targeted at specific functionality.

Apple needs developers. Developers do not take kindly to being told what they can and cannot run on their development PCs. Unless Apple wants to allow developers to develop for iOS with Windows or Linux, they won't completely lock down OS X. Options to prevent malware on the other hand are a great idea.

This post has been edited by jdb8167: 16 February 2012 - 08:58 AM

0

#7 RobLewis

  Posted 16 February 2012 - 09:02 AM

I'm wondering how this all relates to sandboxing apps, and especially if Apple is plotting to either eliminate AppleScript or scale back the things it's allowed to do. IMO, AppleScript (and Automator) are among the greatest and most underappreciated features of Mac OS, and any loss of capability for them would be a major negative.
0

#8 bastion

Posted 16 February 2012 - 09:23 AM

 jdb8167, on 16 February 2012 - 08:56 AM, said:

 meta, on 16 February 2012 - 07:47 AM, said:

"Combine this with the ease of overriding Gatekeeper by using the Open command and it's clear that Gatekeeper in Mountain Lion isn't intended to be some sort of high-security app lockdown"

Yeah, that'll be in the next OS X release.

Did you also say this before the release of Lion? Many did and they were all wrong just like you will be wrong about the next release. Apple needs to sell a general purpose computer or cede a large portion of the PC market to Windows and Linux. They won't do that. Locking down OS X so it can't run unapproved applications prevents a Mac from being a general purpose computer. The advantage that traditional PCs have is that they can handle situations that the designers haven't thought of. There are just too many of those to lock down the computer in a way that users would find acceptable. This is different than iOS devices which are much more targeted at specific functionality.

Apple needs developers. Developers do not take kindly to being told what they can and cannot run on their development PCs. Unless Apple wants to allow developers to develop for iOS with Windows or Linux, they won't completely lock down OS X. Options to prevent malware on the other hand are a great idea.

It's worth noting in the context of this comment that Apple's been warning developers since before 10.5 was public that eventually codesigning might be mandatory. No developer who actually reads the OS release notes can claim to be caught unawares by stuff like this.
0

#9 bastion

Posted 16 February 2012 - 09:25 AM

 RobLewis, on 16 February 2012 - 09:02 AM, said:

I'm wondering how this all relates to sandboxing apps, and especially if Apple is plotting to either eliminate AppleScript or scale back the things it's allowed to do. IMO, AppleScript (and Automator) are among the greatest and most underappreciated features of Mac OS, and any loss of capability for them would be a major negative.


This doesn't relate to sandboxing in the slightest. Completely independent mechanisms with completely different implications.

Sandboxing, for what it's worth, is still very much a work in progress. It's got a lot of omissions that effectively prevent it from being mandatory any time soon.
0

#10 meta

Posted 16 February 2012 - 10:12 AM

 jdb8167, on 16 February 2012 - 08:56 AM, said:

Did you also say this before the release of Lion?


I said that Lion would be the last unlocked OS X release. It was. Mountain Lion is locked by default.

For now you can still remove the lock. And yes, I'm betting that option will be removed. They'll have a paid subscription to unlock your 2012 iOS X for development and allow you to run unsigned or self-signed binaries.
-1

#11 tony_d

  Posted 16 February 2012 - 10:18 AM

"When you try to launch an app using this system, your Mac will check with Apple’s servers to see if the developer’s signature is current. But what it doesn’t seem to mean is that previously-installed malware will be wiped clean, because once an app passes File Quarantine and launches successfully for the first time, it’s basically escaped Apple’s screening system."

Just curious, what happens if you launch an app that you download but you're not connected to the web when you do it? Does it just open or does ML refuse to launch apps for the first time if there is no internet connection?
0

#12 bastion

Posted 16 February 2012 - 11:40 AM

 meta, on 16 February 2012 - 10:12 AM, said:

 jdb8167, on 16 February 2012 - 08:56 AM, said:

Did you also say this before the release of Lion?


I said that Lion would be the last unlocked OS X release. It was. Mountain Lion is locked by default.


This is simply untrue; you haven't read carefully enough.
0

#13 dgp1

Posted 16 February 2012 - 01:34 PM

 SuperMatt, on 16 February 2012 - 07:32 AM, said:

Hayesk, since the App will always open once you've opened it the first time, you will only need to do that special opening trick once. Then it seems like it will be automatically added to an exceptions list.


AND even then, you'll only even have to do it once if you just now freshly downloaded the app. Remember, this doesn't apply to any apps you already have on your system, or that you install from a source other than downloading them.
0

#14 dgp1

Posted 16 February 2012 - 01:37 PM

 tony_d, on 16 February 2012 - 10:18 AM, said:

"When you try to launch an app using this system, your Mac will check with Apple’s servers to see if the developer’s signature is current. But what it doesn’t seem to mean is that previously-installed malware will be wiped clean, because once an app passes File Quarantine and launches successfully for the first time, it’s basically escaped Apple’s screening system."

Just curious, what happens if you launch an app that you download but you're not connected to the web when you do it? Does it just open or does ML refuse to launch apps for the first time if there is no internet connection?


I think that part is erroneous wording. The article already said that it updates a blacklist once a day. That means your Mac already has the ability to verify that (A.) the app hasn't been altered, and (B.) the developer key isn't on the blacklist it most recently downloaded. There is no "checking with Apple's servers" necessary. If they were querying a blacklist on Apple's server on each launch anyway, there would be zero need to keep and update that local blacklist.

There is no way that you'll be prevented from opening an app because you're not online.

This post has been edited by dgp1: 16 February 2012 - 01:37 PM

0
