A binary authorization and monitoring system for macOS
Full Changelog: https://github.com/google/santa/compare/2022.4...2022.5
Full Changelog: https://github.com/google/santa/compare/2022.3...2022.4
Full Changelog: https://github.com/google/santa/compare/2022.2...2022.3
santactl status
and configurable GUI notifications have been added.santactl version
now reports the build version alongside the product version. This is part of the CFBundleVersion for each component.santactl status
by @tnek in https://github.com/google/santa/pull/727
Full Changelog: https://github.com/google/santa/compare/2022.1...2022.2
Full Changelog: https://github.com/google/santa/compare/2021.8...2022.1
metrics
subcommand to santactl for viewing the current state. More metrics will be added in future releases.EnableSysxCache
is now enabled by default - we've found this significantly improves performance when other EndpointSecurity extensions are in use.santactl rule
.Shortly after release we noticed that the code signature on the released binaries was missing some required entitlements. We have updated the release package and tarball attached to this release and added .ORIG
to the original files.
If you have attempted to deploy the original broken release you should try again with the updated files. As there are no code changes we have not bumped the version number.
santactl fileinfo
where bundles were misappropriated (issue #536)EnableSysxCache
is in use.