Apple will make bypassing Gatekeeper’s runtime protection harder in macOS Sequoia by doing away with a handy shortcut that allows Mac users to avoid security restrictions for software that doesn’t come from the App Store.
The company announced this change Tuesday following the release of macOS Sequoia public beta 3.
macOS Sequoia will no longer let you Ctrl-Click to override Gatekeeper
Apple allows you to run apps that the company has not notarized on your Mac. The same applies for unsigned apps from third-party developers. These methods are used by developers who don’t distribute their Mac apps through the App Store. However, trying to open such apps will throw some security warnings from Gatekeeper, the Mac’s built-in system for protecting users from malicious apps developed by third parties. In macOS Sonoma, users intent on bypassing Gatekeeper’s protections can bypass them by Ctrl-clicking an app’s DMG file.
That will change in macOS Sequoia, which should arrive this fall, because Apple eliminated the handy shortcut. You still will be able to run non-notarized apps. But to do so, you must head into System Settings > Privacy & Security and review the additional security information before granting the app the necessary permission to run.
Developers should notarize their apps to prevent Gatekeeper problems
macOS Sequoia, which Apple showcased at WWDC24 in June, handled non-notarized and unsigned apps this way from the start. (Apple released the first public beta of macOS Sequoia in July. Here’s how to get it.)
However, Apple just made this new macOS Sequoia security feature official. In an announcement on the Apple Developer portal, the company recommends that developers sign their apps with their Developer ID so users will know the software comes from a trusted developer. For an extra measure of assurance, Apple recommends developers notarize their apps for distribution outside the App Store.
“The Apple notary service automatically scans your Developer ID-signed software and performs security checks,” says Apple. “When your software is ready for distribution, it’s assigned a ticket to let Gatekeeper know it’s been notarized so customers can run it with confidence.” This ensures that Gatekeeper won’t block notarized app from running.
Admittedly, this change should only affect pro Mac users. Typical Mac users are not widely aware of the Ctrl-Click shortcut to bypass Gatekeeper, so they are unlikely to notice its removal in macOS Sequoia. With the shortcut removed, installing third-party, non-notarized apps will take a few extra clicks.
