search

drduh / macOS-Security-and-Privacy-Guide

Guide to securing and improving privacy on macOS
https://drduh.github.io/macOS-Security-and-Privacy-Guide/
MIT License
21.25k stars 1.46k forks source link

Refresh Santa section #455

Open drduh opened 7 months ago

drduh commented 7 months ago

It is more than a few years old at this point and likely needs a complete overhaul.

beerisgood commented 6 months ago

From your guide:

Santa can be used to only allow trusted code execution, or to blacklist known malware from executing on a Mac

This is already an macOS built-in feature called Gatekeeper. There is no need to increase the attack surface with a external program.

kimg45 commented 6 months ago

Gatekeeper only covers apps while Santa covers all binaries, so it does provide functionality that isn't there in the base operating system.