You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Steps to repro: 1. use path-based blocking in MONITOR mode for /Users/*, as specified in the BlacklistRegex example. 2. Install app(link below)
It immediately tries to launch and displays a block message, but the Chrome App opens behind the Santa window.
I've taken a video to display the triggering of a block message that doesn't result in stopping the Chrome App in question, Sign Builder, from launching. Only seems to occur once per Chrome session, so it will recur during a login session if Chrome is quit and reopened.
Repro'd on both Sierra b7 and 10.11.6, Chrome 52.0.2743.116
The logged message:
[2016-08-28T22:54:47.562Z] I santad: action=EXEC|decision=DENY|reason=SCOPE|explain=Blacklist Regex|sha256=99d94d9c
4106baf98918b6472a3b7e0532a1b9398c5fceead4436c859b45f5a5|path=/Users/abanks/Applications/Chrome Apps.localized/Defa
ult odjaaghiehpobimgdjjfofmablbaleem.app/Contents/MacOS/app_mode_loader|cert_sha256=15b8ce88e10f04c88a5542234fbdfc1
487e9c2f64058a05027c7c34fc4201153|cert_cn=Developer ID Application: Google Inc.|pid=3098|ppid=1|uid=841296058|user=
abanks|gid=xxxxxx|group=(null)|mode=M
The text was updated successfully, but these errors were encountered:
This isn't quite spurious, just odd. Part of the app is loaded as an external 'application', which creates an icon in the dock, this is the bit that Santa is blocking. The bit that still loads is the app itself which isn't executed as a separate binary. I don't think there's a particularly good solution for this, I figured that anyone using Chrome is whitelisting the cert (given how frequently it updates)
Ok, pardon that sometimes I log issues as a signpost for gauging whether or not the thing I've encountered warrants as little as a FAQ, I agree that intended usage should make this a non-issue in practice.
Steps to repro: 1. use path-based blocking in MONITOR mode for /Users/*, as specified in the BlacklistRegex example. 2. Install app(link below)
It immediately tries to launch and displays a block message, but the Chrome App opens behind the Santa window.
I've taken a video to display the triggering of a block message that doesn't result in stopping the Chrome App in question, Sign Builder, from launching. Only seems to occur once per Chrome session, so it will recur during a login session if Chrome is quit and reopened.
Repro'd on both Sierra b7 and 10.11.6, Chrome 52.0.2743.116
The logged message:
The text was updated successfully, but these errors were encountered: