Apple has a built-in way to protect you from opening up potentially malicious apps on your computer in Mac OS X Lion, Mountain Lion, Mavericks, Yosemite, El Capitan, and macOS Sierra. This setting, named Gatekeeper, will never stop you from installing apps from the Mac App Store, but it could from anywhere else. If it's an app you're sure you want to install on your system, here's how to do it.
Open up your "System Preferences" and head to "Security & Privacy."
In the "General" tab, you'll see a section called "Allow apps downloaded from." In order to change these settings, you'll have to click on the lock icon below and input your admin password. Once that's out of the way, you can choose between three options:
- Mac App Store
- Mac App Store and identified developers
The safest option to choose here would be the "Mac App Store," since Apple reviews all apps that are accepted in their store and can remove them quickly if necessary. Basically, you'll know that your Mac will be as free as possible from malware if you use this option only.
The next option also trusts apps from "identified developers," which are basically developers with a unique Developer ID from Apple who have their apps signed digitally. This is the option I use, since Apple can verify that there hasn't been any tampering with the apps since they were signed.
The last option, "Anywhere," obviously removes Gatekeeper's blocking capabilities on your Mac, letting you install and open any app off the internet, including Automator apps made by individuals. Sometimes these things have malware baked in, so I would recommend using the "identified developers" option and okay installation of apps missing a Developer ID on a case-by-case basis.
If you have the "Mac App Store and identified developers" option selected, then whenever you download an app without a Developer ID and try to open it, you'll get the following warning.
- "App Name" can't be opened because it is from an unidentified developer
To bypass this restriction, select "OK" on the popup to close it, then go into the "Security & Privacy" section in your "System Preferences." Below the Gatekeeper options in the "General" tab, you'll see the app that was blocked from opening. To trust it, select "Open Anyway" and that's it.
If you don't want to go into Systems Preferences to open an app for the first time as shown above, then simply Control+Click on the app in the Finder, then select "Open." You'll see a new popup asking if you're sure you want to run the app on your Mac. Just hit "Open" again and you're set.
Big thanks to Michael Cunningham for bringing this trick to my attention in the comments below.
This is the best way to keep your Mac running malware-free, while still being able to download and use cool apps that haven't been signed yet. This includes a lot of Automator actions built by regular users to streamline a certain process, like resizing images for the web automatically just by dragging and dropping photos into the app.
If you were to build an Automator app yourself, Gatekeeper wouldn't block you from opening it since you never downloaded it from the internet, but any you get from us would.
For more information on how Gatekeeper works, check out Apple's overview.