Does gatekeeper not check apps stored in /Applications/?

gatekeeper

If I remember correctly executables are only checked by Gatekeeper if they have the quarantine filesystem attribute attached. And the quarantine filesystem attribute is (optionally) added by applications which download files from the internet.

So if Gatekeeper is not checking files it could be because the quarantine attribute has already been removed (after a successful check) or because they were downloading using an application that doesn't apply them in the first place (for example I think some torrent applications don't apply them, whereas most if not all web browsers do).

For example I just downloaded Firefox using the Safari web browser so if I run ls -l@ Firefox\ 54.0.1.dmg to show any attached file system attributes I get the following, which includes the quarantine tag...

-rw-r--r--@ 1 alistair  staff  59438170  7 Jul 00:23 Firefox 54.0.1.dmg
    com.apple.metadata:kMDItemDownloadedDate          53 
    com.apple.metadata:kMDItemWhereFroms         203 
    com.apple.quarantine          61

This is why you see people suggesting removing the quarantine tag as a way to get around the Gatekeeper security prompts.

Related

Corrupted USB flash drive, cannot initialise or mount
PDF reader on iOS with autosync
Textedit crashed and lost a previously saved file
MacOS Automator: Save new text file in current folder
If I encrypt my HD using FireVault, what happens to my (previously unencrypted) TimeMachine backups?
How do I make `Cmd` as `Meta` instead of `Option/Alt` key on `emacs` runs on terminal(with `-nw` option)
3 TB Fusion Drive missing space after unsuccessful Windows installation via Bootcamp
How to stop throttling
iPad Kiosk Mode
Install SSD and Windows to Mac Pro 2012
Location of Account/ Login picture on Mac OS X 10.12 Sierra
How do I run Apple2.saver from XScreensaver as an application?