macOS X GateKeeper Bypass

On MacOS X version <= 10.14.5 (at time of writing) it is possible to easily bypass Gatekeeper in order to execute untrusted code without any warning or user's explicit permission. Gatekeeper is a mechanism developed by Apple and included in MacOS X since 2012 that enforces code signing and verifies downloaded applications before allowing them to run. The second legit feature is that zip archives can contain symbolic links pointing to an arbitrary location (including automount enpoints) and that the software on MacOS that is responsable to decompress zip files do not perform any check on the symlinks before creatig them.

Source: www.fcvl.net