
Gatekeeper is a built-in security feature of macOS—originally introduced in Mac OS X Lion (10.7.3)—that enforces code signing and verifies downloaded applications before allowing them to run. This worklet ensures that Gatekeeper is always enabled on a macOS system.



Evaluation:



#!/bin/bash

# helper function to check if a command exists
function command_exists {
    type "$1" &> /dev/null
}

# only evaluate if the spctl command is available
if command_exists spctl; then
    # check if gatekeeper is enabled
    spctl --status | grep -q "assessments enabled"

    # yay? or nay?
    exit $?
fi

# spctl command not available, move along
exit 0



Remediation:



#!/bin/bash

# enable gatekeeper for all users
spctl --master-enable

# did we succeed?
exit $?


Type is a shell built-in. It may return something other than an executable program. Why not use which instead and get the executable path from that?
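
The existence check discussed above, as an added example that is not part of the original post or the reply: `type NAME` succeeds for shell functions and builtins as well as binaries, while a walk over `$PATH` only accepts an executable file, whose path can then be used to run `spctl`. The names `resolve_executable`, `status_is_enabled`, `gatekeeper_eval` and `gk_demo_tool` are hypothetical.

```shell
#!/bin/sh
# Added example: resolve_executable, status_is_enabled, gatekeeper_eval and
# gk_demo_tool are hypothetical names, not taken from the worklet.

# Print the first executable regular file named $1 found on $PATH.
# Shell functions, aliases and builtins never match. The parenthesised body
# runs in a subshell, so the IFS and globbing changes do not leak out.
resolve_executable() (
    IFS=:
    set -f                          # do not glob-expand PATH entries
    for dir in $PATH; do
        [ -n "$dir" ] || continue   # empty entry means "current directory": skip
        if [ -f "$dir/$1" ] && [ -x "$dir/$1" ]; then
            printf '%s\n' "$dir/$1"
            exit 0
        fi
    done
    exit 1
)

# True when the text in $1 carries the marker the evaluation script greps for.
status_is_enabled() {
    printf '%s\n' "$1" | grep -q "assessments enabled"
}

# Same decision as the evaluation script, but spctl is run by its resolved path.
gatekeeper_eval() {
    spctl_path=$(resolve_executable spctl) || return 0   # not available: move along
    status_is_enabled "$("$spctl_path" --status)"
}

# Constructed demonstration: a function whose name matches no binary on disk.
gk_demo_tool() { :; }
if type gk_demo_tool >/dev/null 2>&1; then
    echo "type: gk_demo_tool exists (it is only a shell function)"
fi
if ! resolve_executable gk_demo_tool >/dev/null; then
    echo "resolve_executable: no gk_demo_tool binary on PATH"
fi
```

A worklet built on this would finish with `gatekeeper_eval; exit $?`.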