Santa 2024.1 – Whitelisting/blacklisting system for macOS.
Santa is a binary whitelisting/blacklisting system for macOS. It consists of a kernel extension that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of a block decision and a command-line utility for managing the system and synchronizing the database with a server. It is named Santa because it keeps track of binaries that are naughty or nice.
Reorder e2e tests by @kallsyms in #1249
Revert “Project: Remove provisioning_profiles attributes from command-line to…” by @mlw in #1251
Initial support for some scoped types by @mlw in #1250
GUI: Change default button text to “Open…” by @russellhancox in #1254
Event drop metrics by @mlw in #1253
Fix issue with drop count calculations by @mlw in #1256
Fix santactl rule –check by @mlw in #1262
Change build target visibility by @mlw in #1264
Fix wrong srcs paths by @mlw in #1265
Added documentation to clarify clean sync with zero rule behavior by @pmarkowsky in #1259
Docs add missing config keys by @mlw in #1270
Add back support for EnableForkAndExitLogging config key by @mlw in #1271
Chore: Fix multiple typos by @hugo-syn in #1273
Chore: Fix typo s/occured/occurred/ by @hugo-syn in #1274
Make santactl status always print out transitive rule status if set by @pmarkowsky in #1277
Sync clean all by @mlw in #1275
Full changelog available here.
