How to Disable Gatekeeper on macOS: A Complete Guide

Introduction / Why This Is Needed

Gatekeeper is a built-in macOS security system that verifies whether apps are signed by developers with a valid Apple Developer ID and haven't been altered since signing. It prevents the launch of potentially malicious software from unknown sources.

However, this system can sometimes be overly strict:

• You want to run a useful app from a small independent developer that hasn't undergone Apple's official review.
• You need to test your own app that you've just started developing.
• You are using an older version of legitimate software whose developer certificate has expired.

This guide explains how to temporarily or completely disable Gatekeeper to run any application. Warning: Disabling this reduces your system's security level. Always re-enable Gatekeeper after installing the necessary software.

Requirements / Preparation

Before you begin, ensure that:

1. You have access to an admin macOS account (a password for sudo will be required).
2. You understand the risks of running unsigned software.
3. The application you want to run is downloaded from a trusted source (the developer's official website, GitHub, etc.).
4. You are prepared to re-enable Gatekeeper after you are done working with the application.

Step-by-Step Instructions

Method 1: Temporary Workaround for a Single File (Safest)

This method does not disable Gatekeeper globally; it simply allows you to launch a specific file that macOS has marked as "from an unidentified developer."

1. In Finder, locate the application file (usually a file with the .app extension).
2. Hold down the Control key and click (or right-click) on the application icon.
3. Select "Open" from the context menu.
4. A warning will appear. Click "Open".
5. macOS will remember this decision for this specific file. On subsequent attempts, the app will launch with a regular double-click.

💡 Tip: This method is ideal for one-off cases. It does not change the system's global security settings.

Method 2: Completely Disable Gatekeeper via Terminal

This method changes a system setting and disables authenticity checks for all applications. After this, an "Anywhere" option will appear in your security settings.

1. Open the Terminal app (you can find it via Spotlight — Cmd+Space, then type "Terminal").
2. Enter the following command and press Enter:

   sudo spctl --master-disable
   

3. The system will ask for your admin password. Type it (characters won't be displayed, which is normal) and press Enter.
4. If the command executes without errors, Gatekeeper is disabled.

Step 3: Verify the Status

To confirm the setting has been applied, run the following in the same Terminal window:

spctl --status

Expected result:

• assessments disabled — Gatekeeper is disabled.
• enabled — Gatekeeper is enabled (operating in normal mode).

You can also check in System Settings → Privacy & Security → Security. The "Allow apps downloaded from:" section should now show the option "Anywhere".

Step 4: Return to Normal Operation (Re-enable Gatekeeper)

Don't forget to re-enable Gatekeeper! Once you have installed and verified the necessary application, run this in Terminal:

sudo spctl --master-enable

Or, in your Security settings, select "App Store and identified developers" again.

Verification

1. For Method 1: Try launching the problematic app with a regular double-click. It should open without a warning.
2. For Method 2: Go to any folder and try launching any application (even a standard one like TextEdit). No warnings about the source should appear.
3. Status check: The spctl --status command should show assessments disabled (if you disabled it) or enabled (if you re-enabled it).

Potential Issues

Issue: "App is damaged and can't be opened. You should move it to the Trash."

Cause: Besides Gatekeeper, macOS can apply a quarantine attribute (com.apple.quarantine) to files downloaded from the internet. Even with Gatekeeper disabled, such files may still be blocked. Solution:

1. Find the path to the application (drag the app icon into the Terminal window, and the path will be pasted automatically).
2. Run the command to remove the attribute:

   xattr -d com.apple.quarantine /path/to/your/app.app
   

   For example: xattr -d com.apple.quarantine /Applications/MyApp.app

Issue: spctl command not found (command not found).

Cause: Highly unlikely for a standard macOS installation. You might be using a very stripped-down environment or have an incorrect path to the utility. Solution: Ensure you are using the standard shell (bash or zsh). Try specifying the full path:

sudo /usr/sbin/spctl --master-disable

Issue: The app still won't launch even though Gatekeeper is disabled.

Cause: The application may be corrupted, incompatible with your version of macOS (e.g., a 32-bit app on macOS Catalina or newer), or require other system libraries. Solution:

1. Try re-downloading the app from the official website.
2. Check the app's system requirements.
3. If it is a 32-bit app, on macOS 10.15 (Catalina) and later, it is simply not runnable. You need to find a 64-bit version or use a virtual machine with an older macOS.

Issue: "Operation not permitted" when running sudo spctl.

Cause: Your user account may not have admin rights, or System Integrity Protection (SIP) might be enabled, which can restrict certain system settings (though this is usually not relevant for spctl). Solution: Ensure you are logged into an account with administrator privileges. Changing some deep system settings might require disabling SIP, but this is not recommended and is not necessary to disable Gatekeeper.