At work I need to sign executables with a very expensive code signing certificate. I can sign anything with it though. I still have no idea how that makes the executables more legit :).
You seem to be a power user, and I get what you want, but pleeeease no signed binaries! :D For me a setting "I know what I'm doing" would be good enough :) (like on Android smartphones). That way I can install anything I want, and you can install only signed binaries.
> I still have no idea how that makes the executables more legit :)
I think the idea is that if Apple finds you signing software with malware, they can invalidate your certificate, and then your software won't run anymore on anyone's mac. And you know that you will lose your certificate and have a hard time creating a new one if you sign malware, so you probably won't do it. You also know that by default, your users won't be able to run malicious versions of your software, so your reputation won't be damaged by stories of "I installed the Schipplock Frobnicator App and my machine got infected".
In effect, it's a decent system to allow other distribution methods than the App Store without opening the flood-gates for malware and trojans. I 100% agree though that there should be some obscure option to run unsigned software, it should be a system acting on behalf of the user to protect the user, not a system acting on behalf of Apple to control the user.
You seem to be a power user, and I get what you want, but pleeeease no signed binaries! :D For me a setting "I know what I'm doing" would be good enough :) (like on Android smartphones). That way I can install anything I want, and you can install only signed binaries.