github/santa
1
1
Fork 0
mirror of https://github.com/google/santa.git synced 2026-01-14 08:47:57 -05:00
Code Issues Packages Projects Releases Wiki Activity
931 Commits 2 Branches 101 Tags
1.15
Commit Graph

740 Commits

Author SHA1 Message Date
Russell Hancox
2221c93bbc santa-driver: Fix some new Xcode 12 warnings (#502) 
The ossharedptr-misuse warning is generated from within system headers and I couldn't
find a simple way to prevent that other than disabling the warning entirely. We don't
use OSSharedPtr directly anyway.
 2020-10-22 13:41:31 -04:00
Tom Burgin
d1c33baf35 project: add EnableDebugLogging option (#501) 
* project: add EnableDebugLogging option

* review updates
 2020-10-22 10:11:18 -04:00
Tom Burgin
d2bbdff373 Add the option to ignore actions from other ES clients (#498) 
* [com.google.santa.daemon]: add the option to ignore actions from other ES clients

* review updates

* review updates
 2020-10-21 13:20:13 -04:00
Hugh Neale
d17aeac2f4 Make it possible to remotely set the FullSyncInterval (#494) 
Make it possible for the sync server to set the FullSyncInterval with "full_sync_interval" during `preflight`
 2020-10-01 13:47:55 -04:00
Hugh Neale
7840270dd0 Support for %hostname%, %uuid% and %serial% to eventDetailURLForEvent (#493) 
Added support for %hostname%, %uuid% and %serial% to eventDetailURLForEvent to provide additional system information for blocked events & updated documentation references for supported URL params.
 2020-08-31 10:38:35 -04:00
Russell Hancox
64bc34c302 santactl/rule: make flags consistent with help text (#486) 2020-07-29 13:39:41 -04:00
Russell Hancox
e2fc4c735d santad: Prevent kext from being loaded when ES is running (#484) 2020-07-21 10:18:22 -04:00
Russell Hancox
ff9cb34490 Project: avoid public visibility (#483) 2020-07-20 12:19:14 -04:00
Russell Hancox
60405f1e10 Fix some recent warnings (#482) 2020-07-20 11:36:25 -04:00
Edward Eigerman
ac9d3b2adf Update AboutWindow.xib (#481) 
Remove the word "whitelist" from the user-facing window.
 2020-07-17 22:11:23 -04:00
Tom Burgin
2f6ed455e5 add fork and exit logging (#478) 
* added fork and exit logging

* what did you use?

* review updates
 2020-07-09 16:36:23 -04:00
Tom Burgin
8cb86b6d1d syncservice: create stub for syncservice (#477) 
* stub for santasyncservice

* update protocol
 2020-07-08 15:42:42 -04:00
Russell Hancox
fc074f6014 santactl: Make logging around rule download clearer (#476) 2020-07-08 10:09:56 -04:00
Russell Hancox
8d2c39b71d Project: update whitelist/blacklist -> allowlist/blocklist (part 1: code) (#468) 2020-06-08 11:11:30 -04:00
Russell Hancox
8f872fb4fc Project: disable known deprecated warnings (#467) 2020-06-04 11:52:24 -04:00
Russell Hancox
5512f8cf19 santad/sysx: Prevent unlinking databases (#465) 
* santad/sysx: Prevent unlinking databases
 2020-06-01 13:21:30 -04:00
Russell Hancox
6742b38e31 santad: If database is locked don't attempt to unlink it (#466) 
* santad: If database is locked don't attempt to unlink it
 2020-05-29 17:22:23 -04:00
Russell Hancox
d1635f7e11 santad: Fix decision fetching for certs by hash (#464) 
* santad: Fix decision fetching for certs by hash

Fixes #463
 2020-05-11 11:43:07 -04:00
Russell Hancox
428582f471 santa-driver: fix use-after-free race in Get*MemoryDescriptor() 2020-04-07 17:14:02 -04:00
Russell Hancox
6e0effc0f4 santa-driver: fix off-by-one bug in externalMethod 2020-04-07 17:14:02 -04:00
Russell Hancox
683114fbec santa-driver: fix integer overflow/underflow in bucket_counts() 2020-04-07 17:14:02 -04:00
Tom Burgin
e6aaf2f198 Santa.app: don't request SystemExtension loading (#454) 2020-03-17 16:23:48 -04:00
Tom Burgin
1c3757d4ab santactl: don't watch for config changes (#453) 
* santactl: don't watch for config changes

* bump version
 2020-03-16 18:40:36 -04:00
Tom Burgin
4346bb29c2 santactl: sanitize rule payload (#450) 
* santactl: sanitize rule payload

* version bump
 2020-02-27 15:16:40 -05:00
Tom Burgin
09655df8fc com.google.santa.daemon: reorder cleanup() (#448) 
* com.google.santa.daemon: reorder cleanup()

* version bump
 2020-02-26 15:13:51 -05:00
Tom Burgin
7504cd36e1 Simplify install scripts (#447) 
* installer to respect EnableSystemExtension

* conform
 2020-02-26 12:58:12 -05:00
Tom Burgin
ac07f5d54b santad: add prefixes on a background thread (#444) 
* add prefixes on a background thread

* version bump
 2020-02-21 16:54:42 -05:00
Tom Burgin
d116f7b01e santad: wait for driver connection before adding prefix filters (#443) 
* wait for driver connection before adding prefix filters

* version bump

* fix travis build
 2020-02-21 14:58:12 -05:00
Tom Burgin
63ca34bc54 santad: fix launch path and args for loading the system extension (#442) 
* missing /

* version bump

* that was close
 2020-02-20 20:01:42 -05:00
Tom Burgin
de2bdd6653 update EnableSystemExtension when the config changes 🤦 (#440) 2020-02-19 17:03:58 -05:00
Tom Burgin
24854d4ad7 Config: EnableSystemExtension option (#438) 
* Config: add EnableSystemExtension option

* format

* i don't trust kvo

* review updates
 2020-02-18 17:48:06 -05:00
Russell Hancox
bf6f78df09 common: Eliminate VLA usage in SNTFileInfo (#435) 
VLAs complicate static analysis and bloat stack size. Replace VLA allocation with calls to malloc and free
 2020-02-11 10:55:57 -05:00
Russell Hancox
c05806916b santad: Add config flag to block all binaries with bad signatures. (#434) 
* santad: Add option to block all binaries with bad signatures.
 2020-02-10 13:45:22 -05:00
Russell Hancox
e48ce0cfe3 santad: Move signature fetching into SNTPolicyProcessor (#433) 
This also removes an unnecessary hash, checks code signatures on non-MachO files (which is rare but possible) and fixes a rare crash in EndpointSecurityManager
 2020-02-07 14:32:00 -05:00
Russell Hancox
f6dc36e812 santactl/sync: Skip event upload for clean sync 
This lets a clean sync clear out the existing events without attempting to upload them.
 2020-01-13 14:56:01 -05:00
Tom Burgin
d1d008af0a don't log TRUNCATE and don't log fileops from com.google.santa.daemon (#428) 
* don't log TRUNCATE and don't log fileops from com.google.santa.daemon

* review updates
 2019-12-20 14:00:16 -05:00
Tom Burgin
5db56e01f5 cleanup 10.14 -> 10.15 upgrade artifacts (#427) 
* cleanup 10.14 -> 10.15 upgrade artifacts

* exit exit

* exit exit
 2019-12-19 15:56:59 -05:00
Tom Burgin
726c49bec5 com.google.santa.daemon: handle es deadline (#426) 
* com.google.santa.daemon: deny execs that are about to exceed the es deadline

* update comment

* actually handle the deadline
 2019-12-16 13:03:20 -05:00
Tom Burgin
ae5db5dde7 com.google.santa.daemon: lookup the tty for deny decisions before posting the decision (#425) 2019-12-13 15:24:21 -05:00
Tom Burgin
2671807f0e com.google.santa.daemon: don't reload if versions have not changed (#424) 2019-12-12 14:02:23 -05:00
Tom Burgin
70c8626016 fix com.google.santa.daemon path for critical system binary checking (#423) 2019-12-12 11:41:16 -05:00
Tom Burgin
436c472a49 es event provider: support transitive whitelisting (#422) 
* es event provider: support transitive whitelisting

* remove vector

* truncate check

* consistent log style

* review updates
 2019-12-12 11:30:05 -05:00
Tom Burgin
ed5be6b062 com.google.santa.daemon: async es message handling (#421) 
* fix Santa.xcodeproj

* com.google.santa.daemon: some es tweaks

* review updates
 2019-12-09 11:21:12 -05:00
Russell Hancox
a38f24728a santactl/status: Remove kext section of status on 10.15+ 2019-11-25 19:32:54 -05:00
Russell Hancox
4af026356f santactl/version: print useful status for santa-driver on 10.15 2019-11-25 19:32:30 -05:00
Russell Hancox
c6e1bb5618 santad: Fix Apple-cert trust 2019-11-25 19:31:51 -05:00
Russell Hancox
3d393e9aa4 santa-driver: Workaround 10.15 SDK Dispatch() issue 2019-11-09 08:18:51 -05:00
Russell Hancox
b8f3122ee9 santad: Don't need macos_command_line_application anymore 2019-11-08 22:22:09 -05:00
Russell Hancox
8acfa6591e santa-driver: Fix compilation of SNTPrefixTree 2019-11-08 22:22:09 -05:00
Russell Hancox
25b75b0e1b santad: Re-work targets to avoid unnecessary postprocessing 2019-11-08 22:22:09 -05:00