Posts

Post marked as solved
6 Replies
I fully support Apple in making the Mac App Store a safer place. To achieve this, Apple should fix their bad implementation of setting quarantine attributes, as NoiseTECH pointed out.

Why is setting a timestamp on a file overwriting the quarantine attribute? Why is cloning a file with Apple’s standard library overwriting the quarantine attribute? I don’t see how these actions could introduce malicious code? But by overwriting the quarantine attribute, marked malicious code (e.g. downloaded by Safari) will lose important information.

I do understand that the use of this entitlement is only a workaround to circumvent this peculiar behaviour of quarantining. But I don’t understand why I should be forced to release diskDedupe outside of the Mac Apple Store in order to make it more secure.

Apple’s policy to approve apps that use this entitlement seems to be not consistent (there are recent updates of apps in the App Store that use this entitlement). This arbitrariness does not improve the level of security in the Mac App Store.
Post marked as solved
6 Replies
I fully agree with you regarding the ruleset for quarantining.

In the meantime I have released the app in the macOS App Store with the entitlement "com.apple.security.files.user-selected.executable=false", because Apple has not granted the right to use it yet. At the same time I have opened a support case, because for the specific app, not to use the entitlement introduces a security issue from my point of view.

The app implements file level deduplication for APFS and replaces all duplicate files with clones, in order to free up disk space. After replacing a file with a clone of a duplicate, the app replaces all metadata of the clone with the metadata of the previously removed file. This works fine, other than that the quarantine extended attribute is set if I don't use the entitlement. As a result the deduplication app overwrites all existing quarantine extended attributes of deduplicated files, which may be a security issue for the user. The user gets warnings that files were downloaded by "diskDedupe", even though the file was actually downloaded by another possibly dangerous app. My app does not change a single bit of any file, it performs only cloning of existing files and changes metadata like timestamps etc. Still, unfortunately, the quarantine extended attribute is set by the OS. I have published a workaround on the app's website to remove the quarantine bit for now, but it would be much better if macOS would not create quarantine bits for clones at all.

The Apple support engineer agrees with my point of view and is currently trying to convince the app review team to grant the entitlement for security reasons. But the app review team has not responded for weeks now (the app has been "in review" for more than 4 weeks now without any notice).

Update: Apple has finally rejected the app with "com.apple.security.files.user-selected.executable" set to true.
I released diskDedupe without the entitlement and published a script to remove the quarantine flag on the support website.
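The attribution loss described in the post above can be checked by comparing `com.apple.quarantine` values captured before and after a metadata operation. This is an added example, not code from the post or from diskDedupe; it assumes the commonly observed `flags;timestamp;agent;event-id` layout with hexadecimal flags and timestamp, and all paths and values in it are constructed.

```python
from datetime import datetime, timezone

# Constructed snapshots of {path: raw com.apple.quarantine value, or None}.
# On a Mac the raw value can be read with: xattr -p com.apple.quarantine FILE
BEFORE = {
    "/Users/example/Downloads/tool.dmg":
        "0083;5f3b1c2a;Safari;00000000-0000-4000-8000-000000000001",
    "/Users/example/Documents/notes.txt": None,
}
AFTER = {
    "/Users/example/Downloads/tool.dmg": "0082;60a1b2c3;diskDedupe;",
    "/Users/example/Documents/notes.txt": "0082;60a1b2c3;diskDedupe;",
}

def parse_quarantine(value):
    """Split a raw value into flags, time, agent and event id (assumed layout)."""
    parts = value.strip().split(";")
    if len(parts) < 3:
        raise ValueError(f"unexpected quarantine value: {value!r}")
    parts += [""] * (4 - len(parts))  # the event id may be absent
    flags, stamp, agent, event_id = parts[:4]
    when = datetime.fromtimestamp(int(stamp, 16), tz=timezone.utc) if stamp else None
    return {"flags": int(flags, 16), "time": when,
            "agent": agent, "event_id": event_id}

def attribution_changes(before, after):
    """Report files whose quarantine record was added, removed or re-attributed."""
    findings = []
    for path, old_raw in before.items():
        new_raw = after.get(path)
        old = parse_quarantine(old_raw) if old_raw else None
        new = parse_quarantine(new_raw) if new_raw else None
        if old and not new:
            findings.append((path, "quarantine removed", old["agent"], None))
        elif new and not old:
            findings.append((path, "quarantine added", None, new["agent"]))
        elif old and new and old["agent"] != new["agent"]:
            findings.append((path, "agent replaced", old["agent"], new["agent"]))
    return findings

if __name__ == "__main__":
    for finding in attribution_changes(BEFORE, AFTER):
        print(finding)
```

An "agent replaced" finding is the case the post warns about: the record still exists, but it no longer names the application that actually downloaded the file.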
Post not yet marked as solved
2 Replies
As a developer of a (not so sloppy ;-) ) deduplication app diskDedupe I fully agree that APFS could support deduplication better. Apple has probably decided not to implement online deduplication due to high resource requirements (i.e. memory usage in ZFS if online deduplication is enabled).

To implement improved offline deduplication, block level operations would be very helpful. Also, time-consuming hashing could become obsolete if APFS would provide hashes for blocks on a filesystem level. These hashes could also be used for data consistency checks.