Move Downloaded Mac Apps Before Initial Launch

ace · September 6, 2022, 7:33pm

Originally published at: Move Downloaded Mac Apps Before Initial Launch - TidBITS

Howard Oakley explains App Translocation, a macOS security mechanism that protects against malicious plug-ins within benign apps but can occasionally cause first-launch crashes.

Quantumpanda · September 6, 2022, 8:58pm

Interesting. I’ve long been in the habit of copying apps to /Applications before launching them, because if I don’t, they’ll sit around in ~/Downloads or wherever, and I either won’t be able to find them again or will forget I have them. Putting everything in /Applications by habit keeps everything reasonably organized.

unhinged · September 7, 2022, 12:43am

Same. Plus in days long past you never knew where the app was going to write some random config information relative to its install location and your downloads folder or desktop could get very cluttered very quickly.

peternlewis · September 7, 2022, 7:07am

You should clarify “is to move the app to a different location” to “is to move the app to a different location using the Finder”. It is the Finder that removes the quarantine flag and turns off translocation, so if you use a different tool (eg the Terminal), then it will not necessarily resolve the problem.

alvarnell · September 7, 2022, 8:51am

Who is “You”? Not clear who you are replying to. If it’s Howard, then you need to post your reply to his blog. I don’t see anybody in this discussion mentioning moving the app, but I will observe that they shouldn’t be “copying” apps to /Applications.

It’s my understanding that Gatekeeper is the process that removes the quarantine flags (technically modifies the quarantine attribute).

peternlewis · September 7, 2022, 9:06am

@ace, in his article at Move Downloaded Mac Apps Before Initial Launch - TidBITS, as referenced in the topic post…

My point remains, if you move the application with some other means (eg Hazel (maybe it does these days), Terminal, whatever), then the translocation will not necessarily be turned off.

Hence, the advice should be “move the app to a different location using the Finder”.

alvarnell · September 7, 2022, 9:24am

OK, I’ll let him respond to that since his article doesn’t accurately quote Howard’s blog where he makes it clear that Finder should be used to move such apps.

ace · September 7, 2022, 12:18pm

Yes, @peternlewis is right. I had those “using the Finder” words in a draft at one point, but the sentence read badly and I figured that calling out the the 99% solution was overkill in an ExtraBIT that sends people to read the full details in another article. Apparently not—I’ll tweak.

Will_M · September 7, 2022, 4:31pm

I have a folder “/Applications/added stuff” where I put most of the apps that I download. (A few refuse to run from there, so they get put in /Applications, or deleted.)

I assume moving (using the Finder) apps to this folder is why I have not experienced (that I recall) an app crashing on first startup. Well, that, and I have so few downloaded apps.

This structure makes more sense to me, leaving /Applications to contain mostly stuff that Apple provided. Am I shooting myself in the foot in any way?

Quantumpanda · September 7, 2022, 7:34pm

The distinction between “copying” and “moving” is trivial, and mostly pedantic. It’s shorthand for “dragging the icon to the new location”. If the download unzips into a .dmg, you genuinely are copying the file, as that is rightfully considered a separate volume by the Finder and so requires actually writing the file again.

And, if an app unzips itself into ~/Downloads, there is nothing fundamentally wrong with copying it (i.e., actually duplicating it) into /Applications rather than moving it. If it can’t be drag-copied, it should be using an actual installer instead of simply unzipping in the same location. (Yes, it’s a marginal waste of disk space, and a minor amount of excess writing to your SSD, shortening its life by maybe a few seconds. Unless you’re talking about a massive app package like Adobe Creative Cloud or MS Office, it’s not worth worrying about for most people.)

charles1 · September 16, 2022, 7:30pm

Thanks for this, Adam. I knew about the translocation issue because I ran into it when using Path Finder instead of Finder, but you’ve made me think about an Automator service I wrote to move items from the desktop to the Applications directory. I think it suffers the same problem – even though the app ends up in the right place, it seems to think it isn’t. Presumably a shell script to do the same job wouldn’t work properly either.

paalb · September 17, 2022, 7:15am

In a script you can remove the quarantine flag by using xattr.

Example: xattr -d -r com.apple.quarantine /Applications/some.app

To list flags: ls -Rl@ /Applications/some.app

Edit: But please see what @alvarnell writes below.

charles1 · September 17, 2022, 9:49am

Aha! Thank you. I think I’ve managed to make that work.

Of course most disk images now helpfully open to show a shortcut to the Applications folder. But for those that don’t, or for apps downloaded as zip files, this saves me the effort of opening a Finder window ;-)

alvarnell · September 17, 2022, 11:19am

I hope you realize that doing so disables all security checks of the app by XProtect, MRT (apparently now XProtect Remediator), and gatekeeper for valid signatures & Notarization. There have been at least a couple of instances where well known mainstream app download sites were hacked and malware substituted for the most recent update, one was ransomware.

charles1 · September 17, 2022, 2:02pm

Thank you – no, I wouldn’t want to avoid security checks of that kind.

paalb · September 17, 2022, 3:00pm

Thanks for the warning @alvarnell.