search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
3.05k stars 423 forks source link

Add the ability to block or restrict apps from running. #17725

Open willmayhone88 opened 7 months ago

willmayhone88 commented 7 months ago

Problem

TODO

As someone who manages devices, it is important to be able to prevent certain apps from running, or being installed on devices. Looking for a cross platform way to determine and control application blocking. This can include either killing the app process, or deleting the application when detected on a device. Additionally some way to notify end users when attempting to run an unapproved application would be beneficial.

Potential solutions

  1. In the software section of Fleet, designate applications to be blocked either based on app name or process id.
  2. With these apps, add user enabled options to either kill the process completely, or even delete the application.
noahtalerman commented 7 months ago

Hey @willmayhone88, do you know if the prospect is looking to do this on macOS, Windows, or Linux? All of them?

We have a "Manage Santa" story here that tracks the ability to restrict apps on macOS.

willmayhone88 commented 7 months ago

Hey @noahtalerman while the primary focus is on macOS they also would like the ability to do this for Windows as well.

noahtalerman commented 6 months ago

Hey @willmayhone88, heads up, we discussed this request at feature fest.

We decided not to draft this one in the upcoming design sprint (4.49).

Removing from feature fest board.