ISSCloud - Information Systems Solutions

EN
Linkedin Instagram Facebook Twitter
isscloud
Client Area

macOS security and com.apple.quarantine extended attribute

macOS security and com.apple.quarantine extended attribute

Apple offers one of the most advanced operating systems out there: macOS. With security and privacy in its core, it comes with a number of system protection services such as Gatekeeper runtime protection, the built-in System Integrity Protection (SIP), and others. While Apple Software, Apple installers and apps from the App Store are already cleared and work with these systems, other apps may not be so compliant.

It may happen on rare occasion when downloading bundled macOS apps from the internet, that when running the app for the first time it gets blocked and nothing happens. It may be so that it got the com.apple.quarantine extended attribute added to it for protection.

Applications blocked by having the com.apple.quarantine extended attribute may not show the “Allow” option on System Preferences > Privacy. Instead, they are silently blocked.

Checking for the com.apple.quarantine extended attribute:

To check if the application you’re trying to run is being blocked by this attribute, you should use the xattr command:

xattr /path/to/application.app

If the com.apple.quarantine extended attribute has been added, it will display when running the command:

user@host ~ % xattr /path/to/application.app
com.apple.quarantine
user@host ~ % Code language: Shell Session (shell)

Clearing the com.apple.quarantine extended attribute

To remove the com.apple.quarantine extended attribute from the application, you should use the following command:

sudo xattr -r -d com.apple.quarantine /path/to/application.app

By using this command you’re removing the com.apple.quarantine extended attribute from the application. The -r flag removes the attribute recursively from all files inside the application, and the -d flag indicates the given attribute is to be removed.

Please be aware:

Use the provided commands wisely. macOS is one of the most robust operative systems out there, and apps signed by Apple or identified Developers are not blocked by the operative system and are not added to quarantine. Allowing unsigned or unknown apps on your Mac is a security risk and should not be taken lightly, as it may damage your system. Use at your own risk.

Facebook
Twitter
LinkedIn
Tags
AMD Analytics Android Anti-Virus Apps brand branding Bugs CentOS diamonds Docker docker-compose Email Encryption FBI Fedora Google Guidelines Guides How To HTTPS Linux macOS Malware Marketing Metrics naming Network NSA NVIDIA Open Source Passwords Patches PPC RAID1 RAID5 science Security SEO Software Testing Updates Web Windows Work from Home
Picture of Ricardo Mendes

Ricardo Mendes

Ricardo is a Senior Systems Administrator and Consultant at ISSCloud, after +10 years working in Private Telecom. He enjoys writing about Technology, Security & Privacy.

Leave a Reply

Your email address will not be published. Required fields are marked *

Performance, Reliability & Professionalism

The cornerstones on which we founded our company, ever present

About Us

ISSCloud.io is an Internet Services Provider offering a diverse range of IT services. We work diligently to  provide a robust and reliable service, ensuring the availability of our customers’ websites and apps.

isscloud

Useful Links

Trustpilot
Trustpilot

Company

Newsletter

Subscribe here

Subscribe to our email newsletter to receive for useful tips and valuable resources.

Our newsletter is only sent out once per month.

Copyright © 2021 ISSCloud.io. All rights reserved

Payments We Accept