Matt W
Matt W
> Are transitive rules evaluated before scopes? Yes. > I can confirm that compiler configuration is correctly set however the output is still blocked. We know there are some gaps...
Related: #1327 This shouldn't affect `go build`, but if you use `go run` you may encounter similar issues.
We likely wouldn't want to enable events from binaries in the default mute set without first reworking how we handle processing auth events and automatic fallback responses.
Santa currently has some basic tamper resistance features, but we should expand upon these, including better signal handling. It is something we'd like to get to eventually. While handling signals...
I believe this enhancement request is now resolved. Santa now prevents signals from being delivered to it (except from launchd e.g. when the system is shutting down). This means things...
Moving back to draft for now. This PR has become a bit stale and will require some effort to get back to being merge-ready.
I have mixed feelings about this... On the surface I think this is a reasonable request, but the implementation has some downsides. Wildcard rules would definitely help from a standpoint...
Appreciate the responses! I believe that: 1. Presenting this as a BundleID-style use case makes a lot of sense (tho with the important caveats about future changes stated previously). 2....
I don't think I've been very sold on the idea yet. Given an admin would still need to enumerate binaries within a bundle and determine some common prefix manually, I...