About file quarantine in Mac OS X v10.5 and v10.6

Summary

Mac OS X v10.5 Leopard and Mac OS X v10.6 Snow Leopard improve download validation by providing file quarantine in some applications, such as Safari, iChat, and Mail. This means that files you download via Safari, iChat, or Mail are checked for safety when you open them.

File quarantine-aware applications that download files from the Internet, or receive files from external sources (such as email attachments), will attach file quarantine attributes. When you open a potentially unsafe file in Finder, Spotlight, or from the Dock, the file quarantine feature will warn you about unsafe file types.

When you open a quarantined file, you will receive a dialog box asking, "Are you sure you want to open it?" You should cancel opening the file if you have any doubts about its safety.

Snow Leopard checks for malware

Mac OS X v10.6 Snow Leopard builds upon the existing unsafe file type check by also checking for known instances of "malware", or malicious software. When you open a quarantined file, the file quarantine feature will check to see if it may include known malware. If so, a dialog such as this will appear:

If you see "(file name) will damage your computer. You should move it to the Trash.", you should delete the file.  If it is a disk image, you should eject the image and delete the source file.

Click the Help icon in the lower left corner of the dialog box for more information about malware.