Restrict Download Warnings

One of Leopard's less beloved security features is the warning that appears when users first open downloaded applications. Given that most software now comes from the internet, this dialog has become a common part of the average Mac user experience. In some cases, though, that one-time process never ends, displaying the same dialog at every launch. The problem is especially common when applications are installed (but not run) by an administrative user.

"Example" is an application which was downloaded from the Internet.
Are you sure you want to open it?

The warning is triggered by an "extended attribute", an addition to the HFS+ file system that allows additional information on a file-by-file basis. In this case, a tag named "com.apple.quarantine" is added to any file downloaded on Leopard by an internet application. If that signature is added by an administrative user, it can't be removed using a standard account.

The solution is to remove that attribute through the Terminal, replacing FILENAME with the actual application name and typing:

sudo xattr -d com.apple.quarantine "FILENAME"

The command can be run on individual machines or, if you've already deployed a tagged application in a system image, it can be run via Apple Remote Desktop. This will remove the quarantine attribute and put an end to the constant nagging.

Recommended Reading: The new xattr command doesn't even have a manpage yet, but what little documentation exists can be found by typing "xattr -h". An enthusiastic explanation of extended attributes in OS X ran back in John Siracusa's exhaustive review of Tiger at Ars Technica.