What does Mac Gatekeeper do?

Apple has carved itself a niche amongst tech companies in recent years as the vendor most concerned about its users’ security and privacy. It has implemented a number of features in recent versions of macOS, such as code signing and sandboxing, that are designed to provide greater protection for users’ data. And Gatekeeper is another example of that. Here’s how to use Gatekeeper on your Mac.

What is Gatekeeper?

Gatekeeper is the name Apple gives to technology that works behind the scenes in macOS to limit what can be installed on your Mac. By default, it allows only apps downloaded from Apple’s own App Store to be installed, though you can change that to allow apps from recognized developers as well. Recognized developers are those who have signed their code and whose signature Apple recognizes.

If you want to install an app from a developer who is not ‘recognized,’ you can, but you’ll have to override Gatekeeper. The point is to make you think twice before installing anything that may damage your Mac.

Apple doesn’t explain exactly how Gatekeeper works, and for a good reason — if it did, it would be easier to circumvent.

Why is Gatekeeper important?

Much of the malware that finds its way onto Macs comes in the form of fake downloads or bundled applications. In both cases, the apps that are installed are not those that users think they are installing. By preventing them from being installed by default and forcing you to manually enable installation, macOS is alerting you to their attempt to install and giving you a chance to block them. 

Even with Gatekeeper enabled, potentially unwanted programs (PUPs) still find their way onto Macs by disguising themselves as part of another application and using that application’s override.

Are there any problems with Gatekeeper?

The only issue is that Gatekeeper prevents all apps that haven’t been code signed by recognized developers from being installed by default. In some cases, that means that perfectly legitimate apps are blocked. In those cases, you can override Gatekeeper and manually allow them to be installed. It’s an inconvenience but not a big problem.

How to find your undocumented apps? Not all the apps and programs installed on your Mac are living in your Applications folder. In fact, not all of them are clearly visible.

However, there is a way to check which apps are installed with CleanMyMac X. You can use its Uninstaller and Launch Agents utilities to see exactly what is installed on your Mac and, if you want, uninstall anything at the press of a button.

  1. Install and open CleanMyMac X — a link to a free version of the app.
  2. Choose Uninstaller from the sidebar.
  3. Scan the list of apps in the main window. If there are any you don’t recognize or didn’t intend to install, decide whether you want to keep them.
  4. If you want to uninstall an app, select the box next to it and click Uninstall.

Now, go to the Optimization tab and choose Launch Agents.

  • To disable a launch agent, select the green dot to the right of it.
  • To disable a launch agent, select the box next to the launch agents you want to remove.

    How to use Gatekeeper on Mac

    1. Go to the Apple menu and choose System Settings.
    2. Click Privacy & Security.
    3. Scroll down until you see two options at the bottom of the window under ‘Allow apps downloaded from.’ Choose the one you want.
    4. If you try to download an app that’s not from the App Store (or an identified developer if you chose that option), you’ll see a warning dialog. You can then choose to override Gatekeeper and install the app.

    There’s no way to turn Gatekeeper off completely, so you’ll need to manually override it each time you install an app that’s not from an identified developer. You should take a few seconds to think about the app you’re installing before you give it permission to install. As we said earlier, many potentially unwanted programs are installed on Macs because users gave permission to install an app that wasn’t the one they thought they were installing.

    According to presentations at the Mac malware conference, Objective by the Sea, up to 20% of Macs have been affected by potentially unwanted programs, which is a form of malware.

    If you’re worried about malware on your Mac, there’s a very quick and easy to check for it using CleanMyMac X’s Malware Removal tool. It scans your Mac and compares what it finds with its database of known malware. If it finds a match, it will alert you and offer to remove it. Here’s how to use it:

    1. Download, install, and open CleanMyMac X
    2. Choose Malware Removal from the sidebar on the left.
    3. Click Scan.
    4. Hopefully, you’ll get a message telling you your Mac is clean.
    5. If not, you can remove the malware by clicking Remove.

    It’s worth scanning your Mac for malware once a month or so — that way, you can be sure it’s always clean. Never overriding Gatekeeper isn’t a guarantee of staying safe and secure. So, don’t rely on it to keep you safe from malware. Be vigilant, think about what you’re downloading, and make sure you know what is being installed on your Mac.

    To conclude, Gatekeeper is a tool Apple built into macOS to limit the apps that can be installed on your Mac. By default, it will only allow you to install apps from the App Store, but you can set it in System Settings so that it also allows you to install apps from identified developers. To install apps from other developers, you’ll have to override Gatekeeper by giving those apps permission to install when you’re prompted.