Issues with Removing "dangerous" App

eustas1
New Contributor

This is probably a dumb question but I have not been able to find an answer.

I was requested to remove an App which was purchased by a 3rd party and converted to a "dangerous" app. I am able to get the Bundle ID for the App but not the Name (IE: App Name "Keynote" would be Bundle ID "com.apple.Keynote.") When I type the name of the app in nothing related shows up. As long as I have the Bundle ID, can I substitute my own "App Name" and still have the App Restriction work?

1 REPLY 1

sgiesbrecht
Contributor III

No, you can't

Do you still have the installer?  If yes, you can use the app Suspicious Package ( https://mothersruin.com/software/SuspiciousPackage/get.html ) to get details of the installer.  It will list the scripts, Files and Receipts.  There you can look for the .app, script name or Unix executable.

I haven't tried with scripts / Unix executables so I don't know if that will work with rectriction.
If Restriction does not work, you can use Files and Processes in Policies and run ongoing / daily