Today I Learned

hashrocket A Hashrocket project

Files Have Extended Attributes in OSX

I was looking into OSX's quarantine mechanism, and learned how downloaded executables are prevented from running. OSX uses extended attributes to prevent these from running, aka quarantine.

For example, if you install chromedriver with homebrew, then try to open it, you'll see that all too familiar alert that "the developer cannot be verified". How does OSX know to do this? Well, when the file is downloaded, it writes an extended attribute ( key-value to the file (see Gatekeeper). These extended attributes hold additional metadata about each file.

In the terminal, you can view these attributes on a file with the xattr command.

> xattr -l /usr/local/bin/chromedriver xxxxxxxxxxxxxxxxxxxxxxxx

You can manually remove an attribute with this utility using the -d flag -

> xattr -d

See More #computer-science TILs