Overcome Gatekeeper automatically re-enabling in OS X Yosemite

SecurityIconXThe Gatekeeper feature in OS X is a security measure that adds a layer of protection by only allowing Apple-approved apps to run, be they either from members of Apple’s developer community, or apps that are distributed in the App Store. This feature should be enabled by default, but if desired you can change Gatekeeper’s behavior, or disable it altogether. However, some OS X 10.10 users have found that after a while, Gatekeeper may re-enable automatically.

This may be a bug in the latest versions of OS X, or may be a hidden feature similar to the Do Not Disturb option for Notification Center where the service will re-enable after a day, but either way, it can be a frustrating issue to deal with.

The solution to this problem, found over on the Der Flounder blog, is from a policy buried in the code for the system policy daemon, which governs access for what may be installed, loaded, and run on the system. In the code, there is a reference to a global variable that determines whether or not GateKeeper will automatically re-arm.

If your system is automatically enabling GateKeeper, then it is very likely that this variable is set to a true value, but luckily it can be changed using the same “defaults” command that is commonly used for adjusting hidden preferences and settings in OS X. Just open the OS X Terminal, and run the following command (provide your password when prompted–it will not show when typed):

sudo defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool false

When done, restart your Mac to load the system’s security and policy routines, and then go to the system preferences to disable GateKeeper. At this point, it should remain disabled.

If you want to revert these changes, then open the Terminal and run the following command, again followed by restarting your Mac:

sudo defaults delete /Library/Preferences/com.apple.security GKAutoRearm

5 thoughts on “Overcome Gatekeeper automatically re-enabling in OS X Yosemite

    1. Strod

      Yes it is. It is just not mentioned by name (“Gatekeeper”). Go to the Security & Privacy panel, “General” tab. Click on the option “Allow apps downloaded from: Anywhere”.

      I personally think that the best setting is “Mac App Store and identified developers”, and if you need to open for the first time an app outside that scope just right click, select open from the contextual menu, and click open as described in this article:

      1. misotonic

        I agree with Strod – disabling Gatekeeper altogether seems foolish and what’s more it is unnecessary. Use the approach that Strod mentions and you will be both safer and easily able to bypass Gatekeeper if you need to. To recommend anything else is irresponsible.

      2. Jeff Le Blanc

        You left out a step. In order to change the security (Gatekeeper) settings you will most likely need to unlock the preference pane. Click the lock in the lower left hand corner and enter your admin password in the modal dialog window that appears.

Comments are closed.