X

Send us a Topic or Tip

Have a suggestion for the blog? Perhaps a topic you'd like us to write about? If so, we'd love to hear from you! Fancy yourself a writer and have a tech tip, handy computer trick, or "how to" to share? Let us know what you'd like to contribute!

Thanks for reaching out!

How to Handle App Downloads and App Permission Requests on Your Mac

Starting with macOS Catalina, your Mac really, really, really wants to make sure you’re only working with safe software. That’s why you’re probably getting lots of dialogs from apps asking for permission to access different parts of your Mac’s operating system or hardware, update you with notifications, and perhaps to access your contacts, photos, and more.

Apple’s own Gatekeeper tech has been doing this for some time. Naturally, the tech giant wants you to get all your software from the Mac App Store, but it realizes that it may not always be the case.

When you install Mac apps, plug-ins, and installer packages from outside the Mac App Store, macOS checks the Developer ID signature to verify that the software is from an identified developer and hasn’t been altered. By default, macOS Catalina (and I’d suspect macOS Big Sur) also requires software to be notarized. Before opening downloaded software for the first time, macOS asks for your approval if the app isn’t from the Mac App Store.

Example of message when downloading an app not from the App Store
Example of message when downloading an app not from the App Store

By default, your Mac’s security and privacy preferences are set to allow apps from the Mac App Store and identified developers. For extra security, you can choose to allow only apps from the App Store.

How to allow only apps from the App Store

  • In System Preferences, click Security & Privacy, then click General.
  • Click the lock and enter your password to make changes.
  • Select App Store under the header “Allow apps downloaded from” and make sure “App Store and identified developers” isn’t enabled.
General Settings for Security & Privacy
General Settings for Security & Privacy

I personally leave the latter enabled and haven’t had any issues. If your Mac — like mine — is set to allow apps from the Mac App Store and identified developers, the first time you launch a new app, it asks if you’re sure you want to open it. An app that has been notarized by Apple indicates that Apple checked it for malicious software, and none was detected.

If you have set your Mac to allow apps only from the App Store and you try to install an app from elsewhere, it will say that the app can’t be opened because it wasn’t downloaded from the App Store.

If your Mac is set to allow apps from the App Store and identified developers, and you try to install an app that isn’t signed by an identified developer or notarized by Apple, you also see a warning that the app can’t be opened.

If macOS detects that an app has malicious content, it will notify you when you try to open it and ask you to move it to the Trash.

However, if you really want to run software that hasn’t been signed and notarized (though I’d advise against this), you can.

How to allow apps not downloaded from the App store

  • Go to System Preferences > Security & Privacy, under the General tab.
  • You’ll see a note about the denied app. You can click Open Anyway and take your chances.
Use "Open Anyway" to allow an app to launch
Use “Open Anyway” to allow an app to launch

Starting with macOS Catalina, Apple has kicked things up a notch. Now every app that wants to send you notifications has to get your permission. You’ll probably want to say “yes” for software such as your calendar and reminder apps. For others, it’s your call.

How to give apps specific permissions

macOS Catalina also requires you to give special permission to apps that want to access things such as:

  • Location services
  • Your camera and microphone
  • Your contacts, calendars, and reminders
  • Full disk access
  • Access to your Documents and Downloads folders
  • Accessibility access

Go to System Preferences > Privacy and you’ll see a list on the left-hand side of the pop-up menu with these items:

  • Location Services
  • Calendars
  • Reminders
  • Photos
  • Camera
  • Microphone
  • Speech Recognition
  • Accessibility.

On the right-hand side of the screen, you’ll see a list of items that want to access these functions.

Items to access functions

To make any changes, you’ll need to click the lock icon at the bottom left of the screen to make changes. Just proceed cautiously; take time to make sure you trust an app before giving it special permission to access your Mac’s functions.


Related

Dennis Sellers
the authorDennis Sellers
Contributing Author
Dennis has over 40 years of journalism experience and has written hundreds of articles. For the past 20-plus years, he's been an online journalist, covering mainly Apple Inc. He's written for MacCentral, MacWorld, MacMinute, Macsimum News, Apple Daily Report, and is now contributing editor at Apple World Today.
Be Sociable, Share This Post!

Leave a Reply

4 Comments

  • Apple needs a user setting on all of their products, a simple checkbox, that says, “I’m a competent adult, capable of making my own choices in life”. As someone who built his first computer in 1975 using wire-wrap and solder, I really don’t need some California Chucklehead trying to control my computers and devices. While we’re at it, enough with the stupid California naming scheme. “Bangladesh” would be more apropos to the increasingly dysfunctional (hyper mis-functional?) iOS experience.

  • WOW! How we have come full circle, and then some.

    This is reminiscent of the Windows Vista days that Apple spent so much advertising time denigrating… “Cancel or Allow…”

    My how times have changed.

  • Doesn’t Apple already have enough of a monopoly on applications? I deal with many commercial applications that are flagged by Gatekeeper on a daily basis and all Apple does is remind me that I didn’t buy it from them. If I want or need security I will buy an application for it, I don’t need Apple “helping” me here. When OS X completely becomes iOS I will not be purchasing any more Macs.