github/santa
1
1
Fork 0
mirror of https://github.com/google/santa.git synced 2026-01-14 16:58:02 -05:00
Code Issues Packages Projects Releases Wiki Activity
874 Commits 2 Branches 101 Tags
1.0.3
Commit Graph

705 Commits

Author SHA1 Message Date
Tom Burgin
d1d008af0a don't log TRUNCATE and don't log fileops from com.google.santa.daemon (#428) 
* don't log TRUNCATE and don't log fileops from com.google.santa.daemon

* review updates
 2019-12-20 14:00:16 -05:00
Tom Burgin
5db56e01f5 cleanup 10.14 -> 10.15 upgrade artifacts (#427) 
* cleanup 10.14 -> 10.15 upgrade artifacts

* exit exit

* exit exit
 2019-12-19 15:56:59 -05:00
Tom Burgin
726c49bec5 com.google.santa.daemon: handle es deadline (#426) 
* com.google.santa.daemon: deny execs that are about to exceed the es deadline

* update comment

* actually handle the deadline
 2019-12-16 13:03:20 -05:00
Tom Burgin
ae5db5dde7 com.google.santa.daemon: lookup the tty for deny decisions before posting the decision (#425) 2019-12-13 15:24:21 -05:00
Tom Burgin
2671807f0e com.google.santa.daemon: don't reload if versions have not changed (#424) 2019-12-12 14:02:23 -05:00
Tom Burgin
70c8626016 fix com.google.santa.daemon path for critical system binary checking (#423) 2019-12-12 11:41:16 -05:00
Tom Burgin
436c472a49 es event provider: support transitive whitelisting (#422) 
* es event provider: support transitive whitelisting

* remove vector

* truncate check

* consistent log style

* review updates
 2019-12-12 11:30:05 -05:00
Tom Burgin
ed5be6b062 com.google.santa.daemon: async es message handling (#421) 
* fix Santa.xcodeproj

* com.google.santa.daemon: some es tweaks

* review updates
 2019-12-09 11:21:12 -05:00
Russell Hancox
a38f24728a santactl/status: Remove kext section of status on 10.15+ 2019-11-25 19:32:54 -05:00
Russell Hancox
4af026356f santactl/version: print useful status for santa-driver on 10.15 2019-11-25 19:32:30 -05:00
Russell Hancox
c6e1bb5618 santad: Fix Apple-cert trust 2019-11-25 19:31:51 -05:00
Russell Hancox
3d393e9aa4 santa-driver: Workaround 10.15 SDK Dispatch() issue 2019-11-09 08:18:51 -05:00
Russell Hancox
b8f3122ee9 santad: Don't need macos_command_line_application anymore 2019-11-08 22:22:09 -05:00
Russell Hancox
8acfa6591e santa-driver: Fix compilation of SNTPrefixTree 2019-11-08 22:22:09 -05:00
Russell Hancox
25b75b0e1b santad: Re-work targets to avoid unnecessary postprocessing 2019-11-08 22:22:09 -05:00
Russell Hancox
cb01b77f84 Project: no longer need to move the embedded provisionprofile 2019-11-08 22:22:09 -05:00
Russell Hancox
61582a0324 Project: standardize Info.plist and entitlement paths 2019-11-08 22:22:09 -05:00
Russell Hancox
a17b5d51a4 Project: more BUILD file cleanups, remove commented provisioning_profile attrs 2019-11-08 22:22:09 -05:00
Russell Hancox
447ea8674b Project: run buildifier on all bazel files, fix typo (#405) 2019-11-08 22:22:09 -05:00
Russell Hancox
c5eec850e1 Project: update santad path (#404) 2019-11-08 22:22:09 -05:00
Russell Hancox
1870631150 Project: Update bazel rules for endpointsec (#403) 2019-11-08 22:22:09 -05:00
Russell Hancox
20ed1659c1 santad: Don't store rules for santad/launchd, keep in-mem (#402) 2019-11-08 22:22:09 -05:00
Tom Burgin
258de3efba handle all ACTION_RESPOND_* (#401) 2019-11-08 22:22:09 -05:00
Tom Burgin
394fd5fab9 add required santad entitlements (#400) 2019-11-08 22:22:09 -05:00
Russell Hancox
53b7ef86ed santad: Log file changes, use prefix trees (#398) 2019-11-08 22:22:09 -05:00
Russell Hancox
423479771e santad: Use args from endpointsecurity rather than using the sysctl (#396) 
This should be much more reliable and, in theory, faster.
 2019-11-08 22:22:09 -05:00
Tom Burgin
933271826b simplify santabundleservice xpc connection protocol (#397) 
* simplify santabundleservice xpc connection protocol

* fix BUILD deps

* fix BUILD deps

* know
 2019-11-08 22:22:09 -05:00
Tom Burgin
880170ea7d make santabundleservice a command line app (#395) 
* make santabundleservice a command line app

* bazel - don't build santabs.xpc
 2019-11-08 22:22:09 -05:00
Russell Hancox
e58ec37881 santad: Fix BUILD after moving EventProviders (#394) 2019-11-08 22:22:09 -05:00
Russell Hancox
dece50dd10 Logging: under 10.15, force santad into syslog mode (#393) 2019-11-08 22:22:09 -05:00
Russell Hancox
9db9fc6009 santad: Move event providers into a new group, make ES connection logic smarter (#392) 2019-11-08 22:22:09 -05:00
Russell Hancox
f38c030805 Add file IDs to messages (#391) 2019-11-08 22:22:09 -05:00
Tom Burgin
d8060d3af9 update component paths (#390) 2019-11-08 22:22:09 -05:00
Russell Hancox
34b4090b42 Project: fix some new Xcode11 warnings (#389) 2019-11-08 22:22:09 -05:00
Tom Burgin
c6ca3d64b3 add SNTEventProvider interface (#388) 
* Add SNTEventProvider interface

* execution controller test should use the event provider interface

* * Xcode project: Use manual signing
* SNTEndpointSecurityManager: Don't cache deny decisions
* Review updates

* review updates
 2019-11-08 22:22:09 -05:00
Tom Burgin
4913426631 * Added Xcode project + pods (#387) 
* * Added Xcode project + pods
* Cleaned up unused SNTXPCUnprivilegedControlInterface MachServices id.
* Change santad's MachServices id to be compatible with the default SystemExtension namespace template.

* pods

* bazel

* switch MachService name for 10.15+

* build with SystemExensions framework

* build with Xcode 11

* launchd.plist fix

* use @available

* * Request SystemExtension activation on a background thread.
* Create a constant for the "com.google.santa.daemon" SystemExtension id.
 2019-11-08 22:22:09 -05:00
ancdesign
7ef88d06a5 fix typo (inital -> intial) (#378) 2019-07-29 08:29:04 -04:00
Russell Hancox
bc82d7988b santad: Add /usr/lib/dyld to critical system binaries (#376) 
dyld is also authorized by santad and a bad cache eviction plus trustd/ocspd not running can result in deadlock.

Fixes #375, probably.
 2019-07-22 17:05:34 -04:00
Russell Hancox
545fa858e4 SantaGUI: ensure bundle listeners are invalidated (#373) 
When setting a new bundle service listener, it was possible for an existing listener to be replaced without invalidating it first. This can cause crashes if a process somehow tries to connect to that listener later on.
 2019-07-17 11:27:50 -04:00
Tom Burgin
3583113381 santactl: nil prefix value check - fixes #361 (#362) 
* santactl: nil prefix value check - fixes #361

* santactl: check all filters
 2019-07-12 13:13:43 -04:00
Tom Burgin
8198e59736 tests: Create a SantaPrefixTree userland lib (#359) 2019-03-04 14:22:19 -05:00
Russell Hancox
c5f0f5d177 Project: Use MOLCodesignChecker v2.1 (#356) 2019-02-27 16:15:13 -05:00
Tom Burgin
ebc93954be SantaGUI: Fix message text. Add support for Dark Mode. (#354) 2019-02-21 16:53:20 -05:00
Russell Hancox
cb4d2984b3 SantaCache: Fix possible divide by zero in bucket count calculation (#353) 2019-02-20 17:56:42 -05:00
Russell Hancox
4c2018ef67 SantaCache: Fix flaky test (#352) 2019-02-20 13:18:40 -05:00
Russell Hancox
06d8295d0a Project: Use apple_resource_group for test resources. Fix bazelrc (#351) 2019-02-19 12:20:30 -05:00
Tom Burgin
ef8e9975e9 c++11 features (#350) 2019-02-15 17:14:10 -05:00
Russell Hancox
31509f4b9c Project: Minor tidy-ups (#349) 2019-02-15 16:59:32 -05:00
Tom Burgin
497c1f393f project format (#347) 
* starlark format

* Source/santa-driver -> Source/santa_driver

* buildifier

* kernel_tests unloads the driver

* review updates

* review updates
 2019-02-15 15:38:06 -05:00
Tom Burgin
8334a245c7 cleanup unused includes (#346) 2019-02-15 11:12:38 -05:00