Gatekeeper Already Present in OS X 10.7.3, Available for Developer Testing
Mac OS X users will soon have the option of turning on Gatekeeper, a new Mac OS X security feature. When a user does this, the system provides an additional measure of safety: it blocks that user from opening newly-downloaded applications that are not Developer ID–signed. In this scenario, the same user is easily able to launch downloaded applications that are Developer ID–signed.Running the command "sudo spctl --enable" in Terminal will enable Gatekeeper on OS X 10.7.3, and the system can be turned off by replacing "enable" with "disable". With the system enabled, developers can then test how their applications will behave on systems using Gatekeeper.
By default, Gatekeeper is not enabled in Mac OS X v10.7.3. For testing purposes, you can turn it on by using the new Mac OS X system policy control command-line tool, spctl(8).
Warning for non-signed application download with Gatekeeper activated on OS X 10.7.3
Regular users obviously would have little use for activating Gatekeeper on their Lion systems at the present time, as developers have not yet had a chance to begin distributing updated versions of their applications integrating the new Developer-ID functionality. But its inclusion in OS X 10.7.3 is an interesting tidbit that will help developers test their applications with the new program and explains why the new Xcode 4.3 that supports Developer-ID requires OS X 10.7.3.
In another sign of Apple's desire to quickly implement Gatekeeper, Panic's Cabel Sasser notes that Apple contacted select developers last week to invite them to learn more about the feature.