Gatekeeper Already Present in OS X 10.7.3, Available for Developer Testing

With developers needing to prepare for Apple's new Gatekeeper feature in OS X 10.8 Mountain Lion, Apple has revealed that the functionality is already baked into OS X 10.7.3 but hidden by default. Apple has instructed developers that they can enable Gatekeeper on OS X 10.7.3 from the command line in order to test the functionality.

Mac OS X users will soon have the option of turning on Gatekeeper, a new Mac OS X security feature. When a user does this, the system provides an additional measure of safety: it blocks that user from opening newly-downloaded applications that are not Developer ID–signed. In this scenario, the same user is easily able to launch downloaded applications that are Developer ID–signed.

By default, Gatekeeper is not enabled in Mac OS X v10.7.3. For testing purposes, you can turn it on by using the new Mac OS X system policy control command-line tool, spctl(8).

Running the command "sudo spctl --enable" in Terminal will enable Gatekeeper on OS X 10.7.3, and the system can be turned off by replacing "enable" with "disable". With the system enabled, developers can then test how their applications will behave on systems using Gatekeeper.


Warning for non-signed application download with Gatekeeper activated on OS X 10.7.3
Regular users obviously would have little use for activating Gatekeeper on their Lion systems at the present time, as developers have not yet had a chance to begin distributing updated versions of their applications integrating the new Developer-ID functionality. But its inclusion in OS X 10.7.3 is an interesting tidbit that will help developers test their applications with the new program and explains why the new Xcode 4.3 that supports Developer-ID requires OS X 10.7.3.

In another sign of Apple's desire to quickly implement Gatekeeper, Panic's Cabel Sasser notes that Apple contacted select developers last week to invite them to learn more about the feature.