When does Mojave check an app’s signature? The answer isn’t entirely consistent – The Eclectic Light Company

App signatures are only checked on app first run – it may once have been true, but is no longer accurate. But can you bypass those additional checks? Is this a vulnerability?

Source: When does Mojave check an app’s signature? The answer isn’t entirely consistent – The Eclectic Light Company