One of my scripts contains encrypted zip files that contain some MS-DOS executables that can’t be distributed freely, but which I want to make available to people who have the legal right to use them.

When I use SD notary with these apps, I get this warning message:

message: b'ditto: no password provided for encrypted PKZip archive\n'
severity: warning

It’s just a warning, but is there some way I can give Apple the password without making it available to all users?

No, and I’d be surprised if any practical arrangement for it were at all feasible, given how the system works.

As I feared. Thank you!