github/santa
1
1
Fork 0
mirror of https://github.com/google/santa.git synced 2026-01-15 01:08:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 2a7c0bd58c SNTFileInfo: Go back to using mmap, uncached read balloons memory use Russell Hancox 2015-10-27 18:08:16 -04:00
  • 86e4d0db0f santactl: Use yyyy instead of YYYY in NSDateFormatter Russell Hancox 2015-10-27 17:58:23 -04:00
  • 1310fea64d santa-driver: Only try to use/release proc_t if proc_find found it. 0.9.5 Russell Hancox 2015-10-22 11:29:49 -04:00
  • 382f5a5bb9 Merge pull request #30 from stephanemoore/patch-1 Russell Hancox 2015-10-22 08:39:54 -04:00
  • ff3303e312 Fix application deadlock. Stephane Moore 2015-10-21 17:45:59 -07:00
  • 6ce0ef62e9 SantaGUI: Ensure connection is only made on main thread 0.9.4 Russell Hancox 2015-10-15 18:31:07 -04:00
  • 2a03341fb6 santad: Add configuration option for turning off PAGEZERO protection. Russell Hancox 2015-10-15 18:10:00 -04:00
  • 77a55dde56 santad: Catch errors archiving/unarchiving SNTStoredEvent, delete events that fail Russell Hancox 2015-10-15 18:09:46 -04:00
  • 1a71cdff4a santad/santactl: Report back if rule adding/removing failed rather than assuming success. Russell Hancox 2015-10-15 12:15:38 -04:00
  • 63f65c51c3 SNTFileInfo: Use NSURL method for getting quarantine data, don't try to use <10.10 Russell Hancox 2015-10-15 12:14:53 -04:00
  • 75de2526c1 santactl/binaryinfo: Only print quarantine fields if they're not empty Russell Hancox 2015-10-14 23:37:16 -04:00
  • 6fc4b7b120 santactl/binaryinfo: Increase key padding +1 Russell Hancox 2015-10-14 23:31:30 -04:00
  • 7b8068139b santad, santactl/sync: Collect and upload quarantine data with events. Russell Hancox 2015-10-14 23:02:20 -04:00
  • ced7de884f santactl/binaryinfo: Add quarantine data to output, add print method to simplify changes. Russell Hancox 2015-10-14 20:12:04 -04:00
  • bc51c9f25b SNTFileInfo: Add com.apple.quarantine data accessors for downloaded files. Russell Hancox 2015-10-14 20:11:32 -04:00
  • c412e8b9a7 SNTFileInfo: Fix embedded plist parsing, extract into separate method Russell Hancox 2015-10-14 20:07:50 -04:00
  • 4e0ff224b6 Project: Remove SNTCertificate/SNTCodesignChecker, use new CocoaPod versions Russell Hancox 2015-10-09 17:21:10 -04:00
  • 61c817c9cb Tests: Fix SNTRuleTable tests 0.9.3 Russell Hancox 2015-10-09 15:14:15 -04:00
  • 2ed384f677 santactl/sync: Only update client mode at end of sync Russell Hancox 2015-10-09 13:12:25 -04:00
  • 7a851cb080 santad: Typo in comment Russell Hancox 2015-10-08 19:54:23 -04:00
  • 13aa889633 SNTFileInfo: Add fileSize method, use it in SNTEventLog Russell Hancox 2015-10-08 17:57:02 -04:00
  • 5c3fba5f41 santad: Prevent user/server from accidentally deleting rules that would kill the system. Russell Hancox 2015-10-08 17:45:39 -04:00
  • 145d9216bf Project: Don't bother with "xcodebuild clean" for Rakefile clean rule Russell Hancox 2015-10-08 17:43:59 -04:00
  • 84f46de940 Driver/Daemon: Collect process name in-kernel for file events, parent name for exec requests. For file events log process name and path, if possible. Russell Hancox 2015-10-05 17:01:51 -04:00
  • cb9a5b6fbe santactl: Add --json option to both status and version commands. Russell Hancox 2015-10-05 14:15:10 -04:00
  • d9718faba4 SNTFileInfo: Return non-embedded dict if locating embedded fails Russell Hancox 2015-10-05 14:13:40 -04:00
  • 5472ff41f0 santactl/status: Show timezone as UTF offset rather than name Russell Hancox 2015-10-05 13:00:55 -04:00
  • 4f94c3b310 santactl/status: Use fixed format for sync date output but still include TZ. Russell Hancox 2015-10-03 19:57:19 -04:00
  • 420f1efa50 santad: For file write events, print process name as well as pid. Russell Hancox 2015-10-03 18:16:06 -04:00
  • 5d2ce17817 santactl/status: When printing last sync date, use local timezone and locale settings Russell Hancox 2015-10-03 18:15:41 -04:00
  • 053cb823a1 santa-driver: Change C++ std to C++11 Russell Hancox 2015-10-03 18:15:11 -04:00
  • 18a7992372 Config: Add more protected keys, only protect if a server is set 0.9.2 Russell Hancox 2015-10-02 16:35:30 -04:00
  • 9e935f5bfb GUI: Include CFBundleName as first item in UI, if available. Russell Hancox 2015-10-01 18:53:58 -04:00
  • 9f49e24dc5 santad: Update file changes logging to use a configurable regex Russell Hancox 2015-10-01 17:57:07 -04:00
  • dbf60f16bc santactl/sync: Fix typo causing clean sync on every run Russell Hancox 2015-09-30 16:00:39 -04:00
  • 0f3a228788 santactl/rule: Make help text a little clearer Russell Hancox 2015-09-28 17:46:30 -04:00
  • d905f5b095 santactl/rule: Add ability to add certificate rules. Re-write argument parsing. Russell Hancox 2015-09-28 17:20:34 -04:00
  • 1c310486c7 santactl/status, santad: Show watchdog events in status output Russell Hancox 2015-09-28 16:41:33 -04:00
  • 4b01c6da91 santactl/status: Report some sync statuses. Russell Hancox 2015-09-28 16:14:45 -04:00
  • 5782378616 santactl/sync, santad: Add clean sync and last success options, use to initiate clean sync when database is re-created Russell Hancox 2015-09-28 16:11:17 -04:00
  • 64c97ebfba santad: If database open fails, delete and re-create. Russell Hancox 2015-09-28 16:09:05 -04:00
  • 5fd4d56b00 santactl/sync: Add ability to sync blacklist regex Russell Hancox 2015-09-28 16:08:11 -04:00
  • e658b5167e Project: Update README a little Russell Hancox 2015-09-24 18:15:03 -04:00
  • cea698d720 SNTCertificate: Add serialNumber and isCa properties. Russell Hancox 2015-09-21 17:48:47 -04:00
  • c07f41c312 santad: Stop closing stdout/stderr Russell Hancox 2015-09-21 15:59:32 -04:00
  • a837aa0334 santactl/status: Use dispatch group instead of sleeping Russell Hancox 2015-09-21 15:59:20 -04:00
  • 0050724e22 SNTXPCConnection: Use semaphore instead of variable & sleep. Russell Hancox 2015-09-21 15:58:54 -04:00
  • adac4ac75c SantaGUI: windowWillClose and orderOut are being marked nonnull Russell Hancox 2015-09-21 15:51:36 -04:00
  • 718f37024a SNTConfigurator: Use NSPropertyListImmutable instead of kCFPropertyListImmutable Russell Hancox 2015-09-21 15:51:03 -04:00
  • fcb3008539 Rakefile: Handle xcpretty missing better Russell Hancox 2015-09-21 15:50:22 -04:00
  • 8faf3eec53 santactl/sync: Validate incoming rules better 0.9.1 Russell Hancox 2015-09-16 15:59:50 -04:00
  • 2bc3df3255 santad: Stop using mmap while reading files, it can be forced to crash by truncating the file. Russell Hancox 2015-09-16 15:52:49 -04:00
  • 5b0e550c85 santad: Add BlacklistRegex option, log a useful explanation when decision is made by scope Russell Hancox 2015-09-16 14:19:33 -04:00
  • e52211abf2 santa-driver: Release proc_t acquired with proc_find. Russell Hancox 2015-09-15 17:23:07 -04:00
  • 9b6f231b34 santa-driver: Check for daemon earlier in FetchDecision Russell Hancox 2015-09-14 18:20:33 -04:00
  • b71223705f santa-driver: If daemon fails to provide a response, print the path of the files it failed on Russell Hancox 2015-09-14 18:19:56 -04:00
  • 863fbe69bb santa-driver: Simplify AddToCache's locking Russell Hancox 2015-09-14 18:19:28 -04:00
  • 2d46279961 santa-driver: Use 0 as the client_pid when not connected Russell Hancox 2015-09-14 18:18:51 -04:00
  • 0d0207d77f santa-driver: lck_attr and lck_grp_attr need freeing Russell Hancox 2015-09-14 18:18:20 -04:00
  • 00bbade34f santa-driver: ClientConnected() should check if process is exiting/dying. Russell Hancox 2015-09-14 18:08:57 -04:00
  • 682f741ddc santad: Separate uid/gid fields in log. Russell Hancox 2015-09-11 11:35:14 -04:00
  • 3d2744c9e3 santactl/sync: Use lib compression for both preflight and event upload phases Russell Hancox 2015-09-09 17:13:38 -04:00
  • cc286dcf16 santad: Fix event storage Russell Hancox 2015-09-09 17:13:21 -04:00
  • 27c6e2a7bd santa-driver: Don't send file mod messages unless daemon is connected Russell Hancox 2015-09-09 14:22:31 -04:00
  • 72c7a67ad5 Logging: Limit kernel messages to those actually sent by the kernel Russell Hancox 2015-09-09 13:34:30 -04:00
  • 8fe5e4e238 Logging: Update logMessage to use asl directly, adding a facility Russell Hancox 2015-09-09 11:56:53 -04:00
  • 02f23d0c62 santad: Add LogFileChanges option, remove LogAllEvents, fix key protection Russell Hancox 2015-09-09 11:56:31 -04:00
  • ff6f4d4152 Common: Update SNTRule and SNTStoredEvent isEqual/hash/description methods. Russell Hancox 2015-09-08 16:35:50 -04:00
  • 2242f46792 Conf: Don't roll logs too regularly Russell Hancox 2015-09-08 16:34:38 -04:00
  • 642b5609b2 Tests: Fix tests after adding file write logging Russell Hancox 2015-09-08 16:34:21 -04:00
  • 98878f3e7c Kernel/santad: Add file write logging and exec argv's. Russell Hancox 2015-09-08 16:33:59 -04:00
  • 3eb28deccf santa-driver: Verify input args are not nullptr's. Russell Hancox 2015-09-08 14:41:34 -04:00
  • 761a852156 santad: Always request sizeof(santa_message_t) regardless of previous message size Russell Hancox 2015-09-08 14:40:50 -04:00
  • f4ddb11c1f santad: Force database permissions on startup Russell Hancox 2015-09-08 14:33:25 -04:00
  • 75158c11ea santa-driver: Don't create santa_message_t structs on the stack. Russell Hancox 2015-08-19 16:20:38 -04:00
  • fe96706b0c KernelTests: Always unload kext and cleanup tmp after running Russell Hancox 2015-08-27 17:20:01 -04:00
  • b87482e824 santad: Move page zero check to after binary/cert rule checks so 'bad' binaries can be whitelisted and notifications will be generated when they're blocked Russell Hancox 2015-08-27 15:24:44 -04:00
  • a9ba99dc79 SNTFileInfo: Re-write mach header parsing Russell Hancox 2015-08-27 15:24:10 -04:00
  • 8884e92a1a Tests: Add test for missing/bad pagezero Russell Hancox 2015-08-27 15:23:50 -04:00
  • 6385514257 santad: Block 32-bit binaries with missing/invalid page zero Russell Hancox 2015-08-19 12:49:59 -04:00
  • d3ad47022b Conf: Change log time format to ISO8601Z.3 Russell Hancox 2015-08-27 15:25:01 -04:00
  • 138d4b507d SantaGUI: Fix fast-user-switching support. Russell Hancox 2015-08-18 17:00:38 -04:00
  • 3c0b195bcf Update travis.yml to add Cocoapod caching Russell Hancox 2015-08-07 17:03:42 -04:00
  • d941a71bb5 Package: Forcibly make santactl symlink Russell Hancox 2015-08-05 16:19:37 -04:00
  • 08697d9daf KernelTests: Fix lots-of-executions test 0.9 Russell Hancox 2015-08-05 15:58:15 -04:00
  • 8959871988 Rakefile: Clean before dist Russell Hancox 2015-08-05 12:09:08 -04:00
  • bb43a04992 SNTFileInfo: Always try to get embedded info.plist before bundle plist Russell Hancox 2015-08-05 12:01:05 -04:00
  • 5f93dc7991 Project: Stop trying to be smart with logging destinations Russell Hancox 2015-08-04 18:13:04 -04:00
  • 9be8eb223c KernelTests: Stop blocking ps while tests are running, block ed instead. Russell Hancox 2015-08-04 17:13:35 -04:00
  • e8b6c47e0f KernelTests: Remove timeout, chdir to tmp dir before executing, add lots-of-binaries test Russell Hancox 2015-08-04 17:13:20 -04:00
  • 697d442afb Project: Update Mac OS X -> OS X. Russell Hancox 2015-08-04 13:54:55 -04:00
  • 5dbd261b5a GUI: Allow selection of all fields and add ppid to end of parent name. Russell Hancox 2015-08-04 13:53:47 -04:00
  • 9bc94ca658 GUI: Add defaultBlockMessage configuration Russell Hancox 2015-08-04 13:52:44 -04:00
  • 4404b5f849 santactl/sync: Default to ephemeralSessionConfiguration to avoid caching Russell Hancox 2015-08-03 18:03:51 -04:00
  • 6a4b73b8a9 santa-driver: Before posting request to santa, ensure it exists in the cache already Russell Hancox 2015-08-03 18:02:57 -04:00
  • b6146224b3 santa-driver: Make "cache too large" log info instead of debug Russell Hancox 2015-08-03 18:02:34 -04:00
  • e3593c1b0c santad: fclose stderr for santactl sync too Russell Hancox 2015-07-22 16:35:25 -04:00
  • 90a2f10da6 santactl/rule: Print usage when args are bad, catch missing long arguments. Russell Hancox 2015-07-22 13:48:07 -04:00
  • 60bab1c004 Rakefile: Don't miss santad/santactl dSYMs Russell Hancox 2015-07-21 15:22:14 -04:00
  • 0898940d0b santad: Pass santa_message_t straight to SNTExecutionController 0.8.9 Russell Hancox 2015-07-21 14:46:32 -04:00