Open drduh opened 7 months ago
From your guide:
Santa can be used to only allow trusted code execution, or to blacklist known malware from executing on a Mac
This is already an macOS built-in feature called Gatekeeper. There is no need to increase the attack surface with a external program.
Gatekeeper only covers apps while Santa covers all binaries, so it does provide functionality that isn't there in the base operating system.
It is more than a few years old at this point and likely needs a complete overhaul.