From e96288b41b4e8d081ae8f005a6d10a893e0d8035 Mon Sep 17 00:00:00 2001 From: Russell Hancox Date: Fri, 8 Apr 2016 12:11:08 -0400 Subject: [PATCH] santad: Exclusive-lock rules.db when opening --- Source/santad/SNTRuleTable.m | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Source/santad/SNTRuleTable.m b/Source/santad/SNTRuleTable.m index 79b9dacb..ba3b8d45 100644 --- a/Source/santad/SNTRuleTable.m +++ b/Source/santad/SNTRuleTable.m @@ -28,6 +28,9 @@ @implementation SNTRuleTable - (uint32_t)initializeDatabase:(FMDatabase *)db fromVersion:(uint32_t)version { + // Lock this database from other processes + [db executeQuery:@"PRAGMA locking_mode = EXCLUSIVE;"]; + // Save hashes of the signing certs for launchd and santad self.santadCertSHA = [[[[MOLCodesignChecker alloc] initWithSelf] leafCertificate] SHA256]; self.launchdCertSHA = [[[[MOLCodesignChecker alloc] initWithPID:1] leafCertificate] SHA256];