Chimera:DMG axon$ ls -la audacity-macosx-intel-1.2.5.dmg
-rw-r--r--@ 1 axon staff 3483297 Aug 24 16:09 audacity-macosx-intel-1.2.5.dmg
Notice the @ after the permissions. In OS X, that means that there are extended attributes. Have you ever run into a warning like this?
That's the com.apple.quarantine flag talking. We use the xattr command to view and manipulate these attributes.
Chimera:DMG axon$ xattr audacity-macosx-intel-1.2.5.dmgTo view the contents of an attribute, use the -p flag. I had already removed the com.apple.quarantine attribute from Audacity's DMG file, so I'll use the TrueCrypt DMG for this example:
Chimera:DMG axon$ xattr -p com.apple.quarantine TrueCrypt\ 6.0a\ Leopard.dmg
The contents of this attribute don't matter much, it's simply meta-data. Likely a time stamp and obviously some information about which application created the file. The mere existence of this attribute is causing the warning.
Attributes can be created or existing values modified using the -w flag. On an interesting aside, data can be hidden within a file's extended attributes. You can use an arbitrary attribute name, although I don't know what maximum length exists for the attribute name or its contents.
Chimera:DMG axon$ sudo xattr -w secret.message "all your base are belong to us" \
Chimera:DMG axon$ xattr -p secret.message audacity-macosx-intel-1.2.5.dmg
all your base are belong to us
To remove the attribute, use the -d [attribute] flag.
Chimera:DMG axon$ sudo xattr -d com.apple.quarantine audacity-macosx-intel-1.2.5.dmg
Chimera:DMG axon$ xattr audacity-macosx-intel-1.2.5.dmg
Only secret.message and com.apple.diskimages.recentcksum remain. The last is an attribute containing (among other things) the checksum of the DMG file, for integrity purposes. I'd imagine it would be easy to modify manually, but I don't even know if the operating system uses this checksum upon mounting the disk image.
Mac OS X Internals covers many more of the attributes that are officially recognized by the operating system, as well as a wealth of other tricks with the kernel, sysctl etc, and is worth a read if this kind of stuff fascinates you.