Extracted .app stays in translocation #285

Closed
boettges opened this issue Sep 10, 2018 · 14 comments

@boettges

boettges commented Sep 10, 2018

Dear @aonez and other keka devs,

I am using Keka 1.1.3 and I use it as my default file archiver.

Running the application "Micro Snitch", downloaded as a zip-file from https://www.obdev.at/products/microsnitch kept giving me the usually just initial warning that I was about to run an application for the first time, asking me whether I was really sure that I want to open it. But no matter how often I accepted the warning, it kept asking upon every new application start.

It turns out that the "Micro Snitch.app", which was unzipped by Keka, was running in AppTranslocation mode for security reasons, because it seems to me that Keka did remove the developer's signature.

I noticed this, because I completely removed the application from my system, re-downloaded the aforementioned zip-file and unzipped it with Keka. I was greeted with the following message:
[Image: keka unzip]
(Please excuse the German locale. It translates to: "Application created by Keka".)
So I cross-checked this by unzipping the file using the macOS built-in archiver:
[Image: archivierungsprogramm unzip]
Turns out that the built-in tool keeps the developer signatures unimpaired.

I'm a long time Keka-user and never had problems with this in earlier versions of Keka. I guess something must have been changed.

Thanks a lot in advance for looking into it.
Peter

@issuelabeler issuelabeler bot added the zip label Sep 10, 2018
@aonez
Owner

aonez commented Sep 11, 2018

Thanks for your feedback @boettges! This is a duplicate of #215.

> it kept asking upon every new application start

This did not happen when extracted with the bundled archiver? The only difference here is the quarantine metadata, don't worry about developer signatures. The bundled archiver maintains the downloaded file quarantine and Keka does not, so macOS creates a quarantine stating the file was created with Keka. As @gingerbeardman pointed out somewhere, just moving the application to another folder (usually the Applications folder) removes the translocation.

I'm gonna double check if the translocation affects differently if the quarantine is maintained. Already have a possible fix for this, but I'm improving performance before releasing it.

@aonez aonez self-assigned this Sep 11, 2018
@aonez aonez added this to the 1.1.4 milestone Sep 11, 2018
@aonez
Owner

aonez commented Sep 11, 2018

By the way I'm a long time user of Little Snitch, do you recommend Micro Snitch?

@boettges
Author

boettges commented Sep 11, 2018

Thanks for your reply.
This is the confusing part. Translocation mode remained despite moving the .app to /Applications/. Actually the app has never been started from outside of the applications folder.

The same issue was causing iTerm2.app to ask me upon each start whether it should move itself to ~/Applications/.

Once I used the macOS bundled archiver to unzip those apps both warnings did not appear again and both apps are running now as expected.

Sorry, I didn't see #215, I did browse and search the issues, but mainly for "translocation".

Micro Snitch is handy and the obdev.at team very trustworthy. It is more an added safety precaution. I do like the additional Micro Snitch info box that appears when the camera or microphone is used. I haven't used it on a 2018 MBP with "Hey Siri" functionality, though. I'm wondering whether that would interfere. 🙂

@aonez
Owner

aonez commented Sep 11, 2018

@boettges made a quick test and can't reproduce this, either with Keka or the bundled macOS archiver:

> kept giving me the usually just initial warning that I was about to run an application for the first time, asking me whether I was really sure that I want to open it. But no matter how often I accepted the warning, it kept asking upon every new application start

Translocation is affecting both equally. Until you move the application to another folder (Applications or Desktop) it will launch in a temporary path. Nothing to do here, as it is a macOS security feature.

@aonez
Owner

aonez commented Sep 11, 2018

> Translocation mode remained despite moving the .app to /Applications/. Actually the app has never been started from outside of the applications folder.
>
> The same issue was causing iTerm2.app to ask me upon each start whether it should move itself to ~/Applications/.

Can you reproduce those again?

@boettges
Author

Yes, if I analyze the processes of the Micro Snitch app using Activity Monitor it clearly shows that the Keka-unzipped one is running in translocation, despite being executed from within /Applications/.

Keka unzipped "Micro Snitch.app":

```
Process: Micro Snitch [476]
Path: /private/var/folders/sf/5w49k6_915541f1j7wf0_mr40000gn/T/AppTranslocation/8E9793FC-230C-4375-923F-2A777B6B5B35/d/Micro Snitch.app/Contents/MacOS/Micro Snitch
```

macOS bundled archiver unzipped "Micro Snitch.app":

```
Process: Micro Snitch [902]
Path: /Applications/Micro Snitch.app/Contents/MacOS/Micro Snitch
```

It might require a restart of the app after a reboot of the system to see the warning.
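
A way to check both symptoms from a terminal, added here as an example and not posted by anyone in this thread: `is_translocated` matches the AppTranslocation path pattern visible in the process paths above, and `quarantine_agent` reads the creating application out of a `com.apple.quarantine` value. The function names, the constructed sample input and the `flags;timestamp;agent;event-id` field layout are assumptions of this example.

```shell
#!/bin/sh
# Added example: triage helpers for the quarantine / App Translocation
# symptoms described in this thread. Function names are hypothetical.

# Succeeds when an executable path lies inside an AppTranslocation mount,
# i.e. .../AppTranslocation/<UUID>/d/<Name>.app/... as in the report above.
is_translocated() {
    case "$1" in
        */AppTranslocation/*/d/*.app/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Reads "PID PATH" lines on stdin (paths may contain spaces) and prints
# "PID<TAB>PATH" for every process that runs from a translocated copy.
list_translocated() {
    while read -r pid path; do
        if is_translocated "$path"; then
            printf '%s\t%s\n' "$pid" "$path"
        fi
    done
}

# Prints the agent (creating application) field of a com.apple.quarantine
# value. Assumed layout: flags;timestamp;agent;event-id
quarantine_agent() {
    printf '%s\n' "$1" | awk -F';' 'NF >= 3 { print $3 }'
}

# On macOS: report which application quarantined a bundle, if any.
check_app() {
    value=$(xattr -p com.apple.quarantine "$1" 2>/dev/null) || {
        echo "$1: no quarantine attribute"
        return 0
    }
    echo "$1: quarantined by $(quarantine_agent "$value")"
}

# Constructed sample input, built from the two process paths quoted above.
sample_processes() {
    cat <<'EOF'
476 /private/var/folders/sf/5w49k6_915541f1j7wf0_mr40000gn/T/AppTranslocation/8E9793FC-230C-4375-923F-2A777B6B5B35/d/Micro Snitch.app/Contents/MacOS/Micro Snitch
902 /Applications/Micro Snitch.app/Contents/MacOS/Micro Snitch
EOF
}

sample_processes | list_translocated
```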

@aonez aonez modified the milestones: 1.1.4, 1.1.5 Sep 13, 2018
@aonez
Owner

aonez commented Sep 17, 2018

@boettges Just reproduced it, but not consistently. It affected a couple of applications. The workaround was moving them to the Desktop and back to the Applications folder.

In my test, to reproduce this I've compressed some apps with Keka, then extracted with the bundled macOS archiver. All tests done in 10.13.6.

@aonez changed the title from "Extracting a zipped .app alters the developer's signature and causes quarantine/app-translocation" to "Extracting .app stays in translocation" Sep 17, 2018
@aonez changed the title from "Extracting .app stays in translocation" to "Extracted .app stays in translocation" Sep 17, 2018
@aonez
Owner

aonez commented Sep 17, 2018

This is kind of random. Different applications, same quarantine, some open without translocation, some keep the quarantine thus open with translocation.

@boettges
Author

@aonez Maybe it is worth waiting another week for macOS 10.14 to be released and observe the behavior again.
With what apps were you able to reproduce this behavior? Maybe I can try those to check whether it occurs independent of the machine?

Thanks a lot 👌

@aonez aonez modified the milestones: 1.1.5, 1.1.6 Sep 20, 2018
@aonez
Owner

aonez commented Sep 24, 2018

@boettges I've tried with multiple third party apps (+15). But they were all compressed by me, and applied a quarantine myself for the test.

I'll check later today with the official Mojave release, but not sure it will make any difference. Also the test will be done with a notarized build of Keka, again don't think it will change anything.

@stale stale bot added the stale label Oct 17, 2018
@aonez aonez added the blessed label Oct 17, 2018
@stale stale bot removed the stale label Oct 17, 2018
@aonez aonez modified the milestones: 1.1.6, 1.1.7 Nov 21, 2018
@aonez aonez modified the milestones: 1.1.7, 1.2.0 Nov 28, 2018
@gingerbeardman
Contributor

gingerbeardman commented Oct 27, 2019

This is the problem with #208 for me

Workaround:

```
xattr -cr "/Applications/Keka.app"
open "/Applications/Keka.app"
```

I just had this with FSNotes: https://github.com/glushchenko/fsnotes/releases/download/4.0.0/FSNotes_4.0.0.zip

See: glushchenko/fsnotes#710

@aonez
Owner

aonez commented Oct 27, 2019

Tried with FSNotes and after moving/copying it from the Downloads folder to the Desktop/Applications folder it was no longer in translocation.

If only this key was permitted: com.apple.security.files.user-selected.executable

@gingerbeardman
Contributor

gingerbeardman commented Oct 27, 2019

In that case the problem is now: why does moving the app on my setup not give the same results as on your system (i.e. remove App Translocation)?