During Apple’s WWDC 2016 session What’s New in Security, the company shared two interesting changes to the way Gatekeeper works in macOS Sierra – one visible, one not.


The visible one is that there’s no longer an immediately obvious way to allow unsigned apps to open. The System Preferences pane now limits you to two options: App Store, and App Store plus identified developers.

This doesn’t mean that you’re left out in the cold if you really need to open an unsigned app, though. There is still an option to open it anyway – you just can’t allow it universally any more. To open an unsigned app, just right-click the app and select Open.

The second change is invisible to users, but limits the damage that can be done by a rogue app. Although unsigned apps will still appear to be stored in the Applications folder, macOS 10.12 actually stores them in a randomized location on your drive. This prevents repackaging attacks, where one app pretends to be another one, because the rogue app won’t be able to access the resources belonging to the real one.

This is likely in response to the Gatekeeper vulnerability discovered by a security researcher last year and only partially fixed earlier this year.


And on a related note, apps that are distributed outside of the Mac App Store in Sierra will be able to access iCloud features. That means developers distributing apps outside of the Mac App Store can now include things like iCloud Drive support, keychain, push notifications, MapKit and VPN entitlements.

About the Author

Ben Lovejoy's favorite gear