New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Gatekeeper Already Present in OS X 10.7.3, Available for Developer Testing

With developers needing to prepare for Apple's new Gatekeeper feature in OS X 10.8 Mountain Lion, Apple has revealed that the functionality is already baked into OS X 10.7.3 but hidden by default. Apple has instructed developers that they can enable Gatekeeper on OS X 10.7.3 from the command line in order to test the functionality.
Mac OS X users will soon have the option of turning on Gatekeeper, a new Mac OS X security feature. When a user does this, the system provides an additional measure of safety: it blocks that user from opening newly-downloaded applications that are not Developer ID–signed. In this scenario, the same user is easily able to launch downloaded applications that are Developer ID–signed.

By default, Gatekeeper is not enabled in Mac OS X v10.7.3. For testing purposes, you can turn it on by using the new Mac OS X system policy control command-line tool, spctl(8).
Running the command "sudo spctl --enable" in Terminal will enable Gatekeeper on OS X 10.7.3, and the system can be turned off by replacing "enable" with "disable". With the system enabled, developers can then test how their applications will behave on systems using Gatekeeper.


Warning for non-signed application download with Gatekeeper activated on OS X 10.7.3

Regular users obviously would have little use for activating Gatekeeper on their Lion systems at the present time, as developers have not yet had a chance to begin distributing updated versions of their applications integrating the new Developer-ID functionality. But its inclusion in OS X 10.7.3 is an interesting tidbit that will help developers test their applications with the new program and explains why the new Xcode 4.3 that supports Developer-ID requires OS X 10.7.3.

In another sign of Apple's desire to quickly implement Gatekeeper, Panic's Cabel Sasser notes that Apple contacted select developers last week to invite them to learn more about the feature.

Top Rated Comments

(View all)

35 months ago
Wow! MacRumors sure bears its name today!

Me love it!
Rating: 17 Votes
35 months ago

This is ridiculous. An obvious money grabbing attempt by making users (by default) go through their App Store to get their software and system updates.


It looks really difficult to turn gatekeeper off too :rolleyes:
Rating: 15 Votes
35 months ago

Wait, how is this going to work with open-source stuff that you compile yourself?


You turn off Gate Keeper.

But, the software may not be safe. It may trash your hard disk and steal your girlfriend. :D
Rating: 11 Votes
35 months ago

Wow! MacRumors sure bears its name today!

Me love it!


Aye, poor Eric is working overtime today!
Rating: 8 Votes
35 months ago

I like the idea. Apple is preparing for the Windows style virus that are slowing starting to arise.


Virus =/= malware
Rating: 8 Votes
35 months ago
"You should move it to the Trash". Wow, that's a bit harsh. Should I also piss on it and kick it first?
Rating: 7 Votes
35 months ago
Wait, how is this going to work with open-source stuff that you compile yourself?

Then again, advanced users might not need Gatekeeper. I'd like an option to just have it quickly inform me that it is not signed but open it and not prompt me to allow or disallow it to open.
Rating: 6 Votes
35 months ago

If you're distributing open source software to consumers, the majority of which don't even know System Preferences exists, how the **** do you expect them to know how to disable Gate Keeper?


Consumers don't use open-source software (excluding open-source projects that have native Mac versions)...
Rating: 6 Votes
35 months ago

They already said they will be free


So I guess I don't understand the furor about this then. The default setting will allow signed apps without issue, and basically everyone here acknowledges that inexperienced users are not going to mess with the default. The certs will be free, so anyone can get them. Other than a dev taking the time to get a cert, how will this impede anything?
Rating: 6 Votes
35 months ago

This is ridiculous. An obvious money grabbing attempt by making users (by default) go through their App Store to get their software and system updates.


I don't get why you wouldn't buy your app from the app store if its there?
Rating: 6 Votes

[ Read All Comments ]