AppTranslocation with everything signed

My app is signed, the self-written installer is signed, the dmg is signed. In spite of this I have a customer showing me that the main application is started in AppTranslocation mode. I can’t reproduce this. Does anyone have an idea what I can change, check or do with this?

Have them drag the app to desktop and then to Applications.

Apps can get translocated regardless of being signed. For your mail archiver app you might need to check if it has been translocated, and if it has have the user select the Library folder with an OpenDialog to gain access to the locations you need to archive mail.

@Jeff Tullin: yes, that would be my next advice. However, the app is installed with an installer and is already in the Applications folder.

@Tim Parnell: why does the app get translocated? Most users don’t need an OpenDialog. The user that alerted me to the problem can’t add my app to the Dock. The AppTranslocation also interferes with BitDefender (why anyone on the Mac would use this type of software is another issue).

Apps downloaded from the internet get quarantined, and we as a community still haven’t figured out the pattern for how or why they get Translocated. All that I can tell you is that code signing does not stop the Translocation. Some users here have even had get Translocated and had issues loading their plugins.

I’m not sure what BitDefender might do with Translocated apps, or why that has anything to do with adding an app to the dock. To me that reeks of Windows sysadmin, I’ve known shitty admins that lock the dock on the user. If it’s not a managed system, the user may have inadvertently locked the dock them self. (it could also be a complication of BitDefender, but this I’m unsure of)

A user can manually disable translocation on an app with Terminal:

xattr -d [drop .app here]

I would wager that this dock issue has nothing to do with your app, but rather their system.

Further, with your app being installed by an installer, I don’t think you’ll need my “Select the Library folder” workaround.

@Tim Parnell: oh sugar. If you try to pin an app to the dock from a temporary path what do you think happens if you quit the app? It will “vanish”. BitDefender has a feature called “SafeFiles” or similar which is supposed to protect you from those Ransomware thingies that are all the rage on the Windows side. You have to allow app xxx access to folder yyy. If the app is translocated then you have to allow this every time the app wants to access yyy.

Another example of the cure being far worse than the disease.

I now have a set of VMs running 10.10.5 on a dedicated ESX server that I use to download anything that is not coming into our environment from a known and trusted source. The VMs are firewalled and the firewall is set for 100% lock down. We open the FW, download the file, close the FW and then check it out. We use a filesystem diff operation using our BRU engine to compare a known safe state backup of the system against the new state after the installation to see the real files that are added or updated on the system.

It’s more work, but provides far more exact results when the downloaded file is then allowed into the company network. And having the FW locked down in both in and out setup, we can also determine any network traffic that is generated.

We do a similar run with Windows and Linux.

Uh, I thought the reasons for being run translocated are pretty clear. It happens to any file that gets downloaded. Only if it’s on a dmg, it won’t get translocated, but zip files will, for instance.

Which means: To reproduce, you need to upload the file to a server and then download it from there.

And the remedy is to let the user move the app to another folder, using the Finder.

So, what apps delivered not in a dmg should do is to check whether it runs translocated, and if that’s the case, tell the user that he needs to move it, e.g. to the Applications folder (of course, some app can run translocated just fine - then ignore this). There is even code around that performs this move for the user, e.g. with AppleScript, after which the app can be unquarantined by that script. I believe I discussed the whole topic here in the Forum before. Beatrix, you know how to contact me :wink:

A simple check for whether your app runs translocated is to test if the path the app runs from is in the private folder, e.g. like this:

App.ExecutablePath.NativePath.InStrB("/private/") = 1

[quote]A simple check for whether your app runs translocated is to test if the path the app runs from is in the private folder, e.g. like this:

App.ExecutablePath.NativePath.InStrB("/private/") = 1[/quote]

Does that also work on non-English installs of OSX?

Yes, Jeff, because this is a system folder, not visible by the user.

@Thomas Tempelmann: I’ve got a dmg and not a zip file. And no, I can’t reproduce the problem even if I download my dmg from the website.

Ha, indeed. I thought I remembered that you’d use a dmg, not a zip. Actually, you mention it above. I must have tomatos on my eyes :slight_smile:

Is the user starting the app from the mounted img or has he first copied it to somewhere else before he started it?

Also, how do you know it’s running translocated? Maybe your check is faulty and you’re now making the wrong assumptions. Maybe this is not about translocation at all.

For a quick user to check if it’s running translocated, he could use Sloth ( - must be launched via right-click and “Open” because it’s not codesigned) and then see if your app appears in there, and under which path - if it’s the path it was double clicked from, then it’s NOT translocated, but if the path is a long one starting with “/private”, then it’s translocated.

Supposedly the way to ensure your application doesn’t get translocated is to use the Apple installer, which is not very popular.

@Thomas Tempelmann : " I must have tomatos on my eyes :)" That would never happen to me. Hahahaha … thanks the gods the users never see the code.

@Sam Rowlands : I was too stupid for this POS software. The permissions never worked fine.

Sorry Beatrix, I don’t understand what you mean.

I just found a NEW cause of the quarantine being set on an otherwise properly configured DMG/PKG/APP - if you cancel the Verifying pass when you first open the container (DMG in this case for me), the resulting package is quarantined.

Apparently that Verifying pass that Finder does when opening a DMG and being canceled is one more step towards insanity … :S