Blocklist and allowlist control of process executions, by signing certificate

trailofbits / sinter

A user-mode application authorization system for MacOS written in Swift

https://blog.trailofbits.com/2020/08/12/sinter-new-user-mode-security-enforcement-for-macos/

GNU Affero General Public License v3.0

301 stars 15 forks source link

Blocklist and allowlist control of process executions, by signing certificate #4

Open mike-myers-tob opened 4 years ago

mike-myers-tob commented 4 years ago

Why

As a security engineer, I want to be able to approve or deny processes by signing certificate so that our team can gate the approval of multiple processes authored by a single source.

Acceptance Criteria

Support signing certificates as a way to approve or deny processes created under that signing cert