Open mnrkbys opened 1 year ago
By the way, I have realized another point. The result of "/bin/launchctl print-disabled system" depends on the macOS version. In macOS 12.6.5, a feature is enabled as "true". On the other hand, in macOS 13.2.1, a feature is enabled as "enabled". Therefore, check modules have to recognize the macOS version.
I have also picked up a few iets that say its enabled but its disabled eg. Remote Apple Events is enabled , but its turned off
Congrats and thank you for starting this endeavour.
Regarding the many false positives that I encountered, did you know that it's possible to configure System Preferences (I'm still on macOS Monterey) such that system-wide preferences can only be accessed and changed after entering an admin password?
You can set that from the Security & Privacy pane by clicking on the "Advanced" button (bottom right corner).
This is, in fact, a great security feature because it will prevent "standard" users configured on the same machine from tampering with important settings.
I suspect that this setting might interfere with the ability of your app to properly scan some settings without asking the user to enter an admin password.
PS: If you need help better understanding Mac-security overall, just let me know since that's what I do as part of my day job.
It is excellent information for this tool. Thank you. @DamienSchreurs, I'll try to implement this and of course, I'm open to discussion, I'll send an email about the issues that I'm facing right now.
First of all, thanks for releasing a nice tool. However, this tool detects many false positives.
For example, "Check If SSH Is Enabled" tries to find '"com.openssh.sshd" => disabled' from the result of "/bin/launchctl print-disabled system". But this check module also decides "SSH is Enabled" if SSH is disabled. In my environment (macOS 12.6.5), "/bin/launchctl print-disabled system" returns like below:
Actually, I have never enable SSH on this macOS. So, I guess that "com.openssh.sshd" item does not exist. Therefore, this check module should determine "SSH is Enabled" only if '"com.openssh.sshd" => enabled' exists.