search

Swiss-Mac-User / macOS-scripted-setup

A scripted macOS setup for automatic User configurations and App installations.
https://swissmacuser.ch/macos-scripted-setup-automate-user-settings-app-installations/?utm_source=github&utm_medium=macOS-scripted-setup
MIT License
49 stars 6 forks source link

[Known issue] «App is damaged and can’t be opened» error when opening downloaded Apps #4

Open Swiss-Mac-User opened 1 year ago

Swiss-Mac-User commented 1 year ago

Some Applications downloaded by the script and using curl will, when trying to be (automatically) be opened, show the warning:

«App is damaged and can’t be opened. You should move it to the bin.»

image

Root cause

macOS security (Gatekeeper) quarantines some Apps, in order to attempt to limit software to the Mac App Store - plus System Integrity Protection is preventing third-party apps from potentially tampering with sensitive parts of the system or injecting code into Apple apps like Finder and Safari.

Unfortunately, at least since macOS 13 Ventura (which tightens security and previous workarounds), my tests were all unsuccessful to programmatically remove the affected Apps out of the Gatekeeper quarantine: I tried removing xattr-attributes, temporarily disabling spctl, and assigning missing xattr-attributes about the downloaded datetime and source.

Hence I see this currently as a won't fix - unless someone finds a clever way how this protection could be circumvented.

Workaround

As the apps are downloaded via their official website, it's unlikely – but not guaranteed – they are expected to be non-malicious and a so called "false positive".

The Apps can be opened using the following manual steps:

  1. Right-click the Application and choose "Open"
  2. Confirm the additional warning shown

Affected applications

Affected applications are:

Not affected Apps seem to be: