Worklet: Enable Gatekeeper on macOS

  • 23 August 2019

Gatekeeper is a built-in security feature of macOS—originally introduced in Mac OS X Lion (10.7.3)—that enforces code signing and verifies downloaded applications before allowing them to run. This worklet ensures that Gatekeeper is always enabled on a macOS system.


Evaluation:


#!/bin/bash

# helper function to check if a command exists
function command_exists {
    type "$1" &> /dev/null
}

# only evaluate if the spctl command is available
if command_exists spctl; then
    # check if gatekeeper is enabled
    spctl --status | grep -q "assessments enabled"

    # yay? or nay?
    exit $?
fi

# spctl command not available, move along
exit 0

Remediation:


#!/bin/bash

# enable gatekeeper for all users
spctl --master-enable

# did we succeed?
exit $?


1 reply


Type is a shell built-in. It may return something other than an executable program. Why not use which instead and get the executable path from that?
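
Added example, not part of the original post or the reply: one way to address the concern raised about `type` is to search PATH for an executable file, so that shell functions, aliases and builtins never match, and then classify the `spctl --status` output into three states. The function names are assumptions, and "assessments disabled" is the status string assumed here for a disabled Gatekeeper.

```shell
#!/bin/bash
# Added example: helper names are assumptions, not from the original worklet.

# Print the first executable file named $1 found on PATH. Shell functions,
# aliases and builtins are never matched, unlike with `type NAME`.
# The body runs in a subshell so the IFS and globbing changes stay local.
resolve_executable() (
    IFS=:
    set -f
    for dir in $PATH; do
        candidate="${dir:-.}/$1"
        if [ -f "$candidate" ] && [ -x "$candidate" ]; then
            printf '%s\n' "$candidate"
            exit 0
        fi
    done
    exit 1
)

# Map the text printed by `spctl --status` to enabled, disabled or unknown.
classify_gatekeeper_status() {
    case "$1" in
        *"assessments enabled"*)  echo enabled ;;
        *"assessments disabled"*) echo disabled ;;
        *)                        echo unknown ;;
    esac
}

# Worklet-style evaluation: return 0 when Gatekeeper is enabled or spctl is
# absent (as in the original script), 1 when remediation should run.
# The state and the resolved path go to stderr for the activity log.
evaluate_gatekeeper() {
    spctl_path=$(resolve_executable spctl) || return 0
    state=$(classify_gatekeeper_status "$("$spctl_path" --status 2>&1)")
    echo "gatekeeper state: $state ($spctl_path)" >&2
    [ "$state" = enabled ]
}
```

In a worklet, end the script with `evaluate_gatekeeper; exit $?`.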