For macos apps downloaded from the Internet, I am kinda paranoid and don't trust most of apps for security reasons, especially I am living in a country which does censorship too much.
I think there are three ways to run an app.
- Open the .dmg file (basically mount it), double click the app to launch it directly.
- Drag it to somewhere else (user space folder) other than the default Applications folder which requires root permission.
- Drag it to the default Applications to install it.
I am wondering if I choose Option 1, can I say it's much safer way than the Option 3?
The above words are my question. The following words are just some optional questions. You can ignore all the following words.
If I choose Option 1, will it cause any issues when running such app? So far, I don't see any issues by using this way.
I am wondering if there are any better options here to run the app in a sandbox? (virtual machine is not an option here because I care about performance too. I don't want to pay extra cpu/ram resources to affect the performance)
Btw, I knew the best way to avoid such problem is to NOT run any apps I don't trust. But this is life, and I have to run the apps which I don't trust, otherwise I can not work and live in my society.