Checking signatures, notarization, and 64-bit code on different items like apps, command tools, and Installer packages just got much simpler.
Its very convenient and quick to transfer files between Macs, but also sets the quarantine flag on everything it transfers. This can cause problems.
Yesterday, I explained how you can ensure that macOS 10.15 Catalina will open an app which doesn’t meet […]
Keep control over documents with quarantine flags to avoid bizarre security errors, using new versions of Pratique and Sandstrip.
How deeply does macOS check a signature? What are all the static code validation flags? Should my app leave macOS to perform signature checks?
How checks differ when an app is launched from a new path, and the effects of gross changes to the Resources folder, and small changes to code.
Why signature checks are so complex, and a walk through log entries of a notarized app launching normally in macOS 10.14.5.
Signature checks are complex. On first run with a quarantine flag, they include the contents of the Resources folder, but seldom do after that.
With recent privacy protection, notarization requirements, and extended checking of executable code, it’s getting more common for an app not to launch. What can you do when that happens?
Important changes for anyone distributing command tools in particular, and a good time to ensure you only ship signed and notarized apps if possible.