ReactOS 0.4.14

[marcodiego]

The problems are nowhere near the same level. AFAIK MacOS users have to, at least, move a package to a certain folder for installing it. It is not something that happens by accident or just clicking yes.

EDIT: For people enlightening me about the other ways to install or run binaries on MacOS: thanks for the info! I have really little experience with MacOS, but my GF uses a MacBook and I know it is not as easy to be used in deceptive ways as Windows is. So, considering the other ways to install or run apps on MacOS, to they run the app inside a sandbox? Do they need the user to type a password? Do they run with limited permissions? Do they need explicitly working around notarization to run?

[mschuster91]

> AFAIK MacOS users have to, at least, move a package to a certain folder for installing it.

That's wrong. There are multiple ways to distribute/install/run arbitrary programs on a macOS machine:

- Opening a .dmg disk image file and moving the application inside to /Applications will "install" the application

- Opening a .dmg disk image file and directly running the application inside will immediately run it with the current user's permission

- Extracting a .zip archive will yield the application's directory in wherever the zip file is, ready to execute by clicking on it

- Clicking on a .pkg installer will install the program to the path the user chooses (usually /Applications)

- Clicking on a .pkg installer will allow the installer (after a confirmation prompt) to run a "pre-installation" script - Zoom infamously uses that to ease the installation process (https://www.reddit.com/r/programming/comments/ft3ai3/zoom_us...)

The last option is particularly dangerous since users in the admin group usually have passwordless sudo configured, which means that running the pre-installation script in a .pkg gives that script root permissions!

[easton]

> users in the admin group usually have passwordless sudo configured

I don’t think that’s true. It’s not on by default in macOS, and to turn it on you have to edit /etc/sudoers which isn’t commonly done on macOS (since sudo permissions can be managed via the checkbox in System Preferences).

[qwytw]

You don't actually need to install .app containers by moving them to the Applications folder you can run them from anywhere. In fact they are just basically folders with a binary file inside so it's basically the same as downloading an .exe on Windows and just launching them (of course on modern macOS they run in a sandbox and require explicit permission to access any files outside of it).

Apps shipped in a .pkg do need to be installed, though. But from an user standpoint the process is almost identical to a Windows installer wizard.