macOS may even quarantine files you created yourself

Anything not about Mac emulation.

Moderators: Cat_7, Ronald P. Regensburg

Post Reply
User avatar
Ronald P. Regensburg
Expert User
Posts: 7821
Joined: Thu Feb 09, 2006 10:24 pm
Location: Amsterdam, Netherlands

macOS may even quarantine files you created yourself

Post by Ronald P. Regensburg »

Cat_7 wrote: Sat Dec 11, 2021 8:19 amYes, that is a nuisance. [...] It is strange that even for a file you own you need to change the attributes.
Very annoying indeed.
See also here: https://eclecticlight.co/2021/12/11/exp ... uarantine/
User avatar
Cat_7
Expert User
Posts: 6145
Joined: Fri Feb 13, 2004 8:59 am
Location: Sittard, The Netherlands

Re: macOS may even quarantine files you created yourself

Post by Cat_7 »

As far as Qemu is concerned when running in Monterey, I can place the download in a folder in my Applications folder.
After removing the quarantine attribute from the allow_qemu_to_run command file using the terminal, I can run it and edit it. As the script removes the quarantine attribute from qemu.command as well, I can then edit and run the qemu.command startup script.

If the command files are in another folder, I have to remove the quarantine attribute from _allow_qemu_to_run.command and run it. It removes the quarantine attribute from qemu.command. The qemu.command file needs to be edited before it is usable, but this can only be done once before the quarantine attribute is set again. So it cannot be executed without removing the attribute again. Same is true after any editing of the file.

Best,
Cat_7
User avatar
adespoton
Forum All-Star
Posts: 4226
Joined: Fri Nov 27, 2009 5:11 am
Location: Emaculation.com
Contact:

Re: macOS may even quarantine files you created yourself

Post by adespoton »

Ah; this location-based attribute reset explains a lot. I keep my active scripts (which I modify semi-regularly) for all my emulators in a sub-folder of the Applications folder, and symlink that back to my users folder. I haven't had any reset issues from there. But in my user Documents or Downloads folder, every edit of a script causes re-quarantining, and even a context-open doesn't work -- the xattr quarantine flag has to be stripped to get it running again.

So it seems like Apple has finally locked down mandating executable files run only from inside /Applications/.

Anyone know if there are other "allowed" places too, like ~/Library/ or ~/Library/Caches/ and ~/Library/Containers/? Seems to me those would also need execution privileges.
User avatar
Ronald P. Regensburg
Expert User
Posts: 7821
Joined: Thu Feb 09, 2006 10:24 pm
Location: Amsterdam, Netherlands

Re: macOS may even quarantine files you created yourself

Post by Ronald P. Regensburg »

The only other location I know (and which I use for this-user-only applications) is ~/Applications/
Post Reply