Monday, February 1, 2021


You don't have permission to open the application or App will damage your computer. You should move it to the Trash.

Trying to open an application fails with "don't have permissions".

Monday, February 1, 2021 - Sam Rowlands

Several people have contacted me since the release of macOS Big Sur, in that their customers are getting this error or errors very similar to this.

You don't have permission to open the application "<appName/>".

Contact your computer or network administrator for assistance.

In some cases, Apple even displays a dialog about how the application is malware.

"<appName/>" will damage your computer. You should move it to the Trash.

Before I looked into this problem, I went with my gut feeling and told customers how to activate App Wrapper 4's "Permissions Correction" option1. This appeared to resolve the issue for these customers.

Then last week it started to happen to me, with my own application that was from the Mac App Store. I dug into it, to try to figure out exactly what was going on. The main bundle, the executable were fine, some of the supporting libraries had incorrect permissions. A re-wrap of the application, fixed it.


While I don't know what triggered the denial on permissions after it's been fine, so far re-wrapping the application with version 4.1 of App Wrapper (which has the permissions correction auto-enabled) seemed to solve the issue for myself and App Wrapper customers.

Download the latest release of App Wrapper from

Why this worked for weeks without an issue and then suddenly out of the blue, not only complained about permissions, but also wanted to report the app to Apple as malware is beyond me. I can only guess that it doesn't do an evaluation when you download from the App Store, but when it decided to reevaluate, is when it when it decided it doesn't like the permissions.

I think the malware alert is a bit heavy handed, the code signature is intact and the last ContentModificationDate was the date of download.

1. It wasn't available in the main interface, because it used a new approach and I wanted to be sure that this was working correctly before enabling it.