Releases: google/santa
v2023.5
Notes
➕ Santa now supports Signing ID rule types. See full documentation on santa.dev.
➕ File Access Authorization configuration now supports inverting the exception list in order to specify the processes that should be denied (or audited) instead of allowed.
What's Changed
- Clarify that execution_time is a float64 by @jasonmc in #1080
- Fix documentation for clean sync field in the preflight request. by @faizanrashid in #1082
- Switch SNTEventState to uint64_t, reposition flag values and masks by @mlw in #1086
- Add support to file monitoring config to invert process exceptions by @mlw in #1083
- Inject additional dependencies into the serializers by @mlw in #1078
- Docs: Added instructions for how to use config-overrides.plist by @pmarkowsky in #1077
- santactl/rule: Fix --path argument by @russellhancox in #1089
- Don't establish the FAA client pre-macOS 13 by @mlw in #1091
- Return unique_ptr from Enrich instead of shared_ptr by @mlw in #1093
- Stop unmuting the default mute set unnecessarily. by @mlw in #1095 (fixes: #1094)
- Add new rule type for Signing IDs by @mlw in #1090
- docs: Update vulnerability reporting instructions by @russellhancox in #1098
- Handle database downgrade scenarios gracefully by @mlw in #1099
- Fix precedence for static rule evaluation, santactl fileinfo output by @mlw in #1100
New Contributors
- @jasonmc made their first contribution in #1080
- @faizanrashid made their first contribution in #1082
Full Changelog: 2023.4...2023.5
v2023.4
Notes
❗ The EnableBackwardsCompatibleContentEncoding config key has been removed. We were not aware of any sync servers requiring this key; please contact us if you were using it and need an equivalent to be added.
➕ A new config key, SyncClientContentEncoding, has been added to allow switching from the default deflate to gzip. This new option doesn't improve compression but is required for some servers to support compression.
➕ A new config key, EnableSilentTTYMode, has been added, which allows disabling the notifications that Santa posts in a user's terminal session.
What's Changed
- GUI: Device event window, handle empty remount args by @russellhancox in #1066
- sync: Add more complete XSSI prefix to be stripped. by @russellhancox in #1068
- Fix string length issues by @mlw in #1070
- config: Add EnableSilentTTYMode key to disable TTY notifications. by @russellhancox in #1072
- Ensure unmount always flushes appropriate caches by @mlw in #1073
- Cache flush metrics by @mlw in #1074
- README: Add more badges by @russellhancox in #1075
- Make the sync client content encoding a tunable by @pmarkowsky in #1076
- One more TSAN fix by @kallsyms in #1079
- sync: Permit XSRF header between sync stages/sessions by @russellhancox in #1081
Full Changelog: 2023.3...2023.4
v2023.3
What's Changed
- santactl/rule: Validate identifier is a valid SHA-256 for binary/cert rules by @russellhancox in #1045
- Config: Ignore static rules with an invalid identifier by @russellhancox in #1049
- metrics: Properly report "file access client enabled" metrics by @mlw in #1051
- chore(ci): Upgrade workflows to non-deprecated runtimes by @dev-slatto in #1052
- Basic rate limiting for File Access Authorizer by @mlw in #1053
- config: Support filesystem monitoring config embedded in main Santa config by @mlw in #1054
- [BUGFIX] Fix SD Card Block not operating on Internal SD Card Readers by @liamn in #1055
- test: Fix a couple last TSAN failures by @kallsyms in #1056
- docs: Document SigningID and PlatformBinary exception keys by @mlw in #1059
- sync: Allow server to override the header for transmitting XSRF tokens by @russellhancox in #1060
- sync: Fix case of empty header name by @russellhancox in #1062
- protolog: Change types of repeated args and envs fields by @mlw in #1063
New Contributors
- @dev-slatto made their first contribution in #1052
Full Changelog: 2023.2...2023.3
v2023.2
Notes
- Many improvements to the File Access Authorization feature, which remains in BETA.
- Platform binaries can now be excluded from authorization checks in FAA
- Several performance improvements
What's Changed
- GUI: Re-write AboutWindow view in SwiftUI by @russellhancox in #1007
- shadow rules_python for fuzzing by @kallsyms in #1009
- GUI: Migrate DeviceMessageWindow to SwiftUI by @russellhancox in #1010
- Ensure watch item names conform to naming requirements by @mlw in #1011
- Reduce proto warning severity by @mlw in #1012
- Reduce calls into configurator by @mlw in #1013
- Project: Fix module maps for swift libraries and their dependencies by @russellhancox in #1014
- Remove extra expectation in test by @mlw in #1015
- Add new continuous test run with various sanitizers by @kallsyms in #1016
- Log type metrics by @mlw in #1018
- Initial docs for file access auth feature by @mlw in #1017
- Fsmon docs table width by @mlw in #1020
- Try with more vertical space by @mlw in #1021
- docs: Support wider pages, fix syntax highlighting of plist by @russellhancox in #1022
- Remove Default column by @mlw in #1024
- add updated description by @headmin in #1023
- docs: fix width of sidebar on larger windows by @russellhancox in #1025
- Fix team ID and signing ID checks by @mlw in #1026
- Fix: Rewrite the SNTMetricHTTPWriter to avoid potential stack corruption by @pmarkowsky in #1019
- Perf: Translocate cache, reserve proto repeated fields by @mlw in #1027
- Use cached sizes when serializing by @mlw in #1028
- Rework timeout handling in metrics HTTP writer by @mlw in #1029
- Restart daemon on log type change by @mlw in #1031
- santactl & syncservice: Use synchronousRemoteObjectProxy where it makes sense by @russellhancox in #1033
- Configurator: Return an unsafe_unretained pointer to avoid needless retain/release by @russellhancox in #1035
- Replace SNTDecisionCache dictionary with SantaCache by @mlw in #1034
- Report log type in santactl status by @mlw in #1036
- Small test fixes to make sanitizers happy by @kallsyms in #1030
- Fix: correct sync protocol diagram by @pmarkowsky in #1037
- Clear ES cache when watch items change by @mlw in #1042
- Add support for platform binary to process exceptions by @mlw in #1041
- Add basic metrics to report when the FAM client is enabled by @mlw in #1043
Full Changelog: 2023.1...2023.2
v2023.1
Notes
- Dropped support for macOS 10.15, minimum version is now macOS 11.
- (BETA) Added file access authorization feature, docs at https://santa.dev/deployment/file-access-auth
- USB blocking will now also block SD cards (thanks @liamn)
- sync: Improved debug output when auth fails
- Improved reliability in reconnecting sync and metrics daemons
- Several performance improvements
What's Changed
- docs: Fix typo in sync-protocol, h/t to @maxwbuckley by @russellhancox in #940
- docs: Update keyserver address in SECURITY by @russellhancox in #941
- Rename santa_vnode_id_t to SantaVnode by @mlw in #943
- Switch from task_info to libproc for system resource info by @mlw in #939
- Drop macOS 10.15 by @mlw in #944
- Remove SNTCommon by @mlw in #945
- Include SD Card Mounting in the USB Block Functionality by @liamn in #938
- Watch items by @mlw in #937
- Tests: Fix some assertions comparing strings by @russellhancox in #947
- santad: Change workaround for glob header with blocks by @russellhancox in #948
- Initial work for File Access Authorizer Client by @mlw in #949
- Draft proto for new FileAccess log by @mlw in #952
- FS Access Config Version, Policy decision enums by @mlw in #951
- Import fix by @mlw in #953
- pemdas by @mlw in #955
- Config: In debug builds, allow config to be overridden from a plist file. by @russellhancox in #957
- Tests: Fix SNTEndpointSecurityFileAccessAuthorizerTest by @russellhancox in #958
- Dynamically enable/disable FS Access client based on config by @mlw in #959
- Use the appropriate variable when asynchronously processing auth messages by @mlw in #961
- Enrich file access events, prepare for logging by @mlw in #962
- santad: Flush cache when StaticRules are changed by @russellhancox in #963
- Serialize File Access events by @mlw in #964
- Introduce end-to-end testing by @kallsyms in #919
- Lint the E2E start-vm Python script by @kallsyms in #965
- Fix message lifetime by @mlw in #966
- Use absl_guarded_by instead of guarded_by by @kallsyms in #967
- Track path types for current/new watch items by @mlw in #968
- Fix import issues by @mlw in #969
- Update LICENSE for VM code by @kallsyms in #970
- Address policy consistency issues by @mlw in #971
- sync: Fix deduplication in reachability handler by @russellhancox in #973
- Fix golden test data for macOS 13 by @mlw in #972
- Project: Upgrade MOLAuthenticatingURLSession to v3.1 by @russellhancox in #974
- Adopt new ES APIs to monitor target paths by @mlw in #975
- Revitalize Fuzzing by @kallsyms in #976
- Fix import: Add build targets, lint by @mlw in #978
- Allstar: Add fuzzing artifact by @russellhancox in #980
- Fix SNTFileInfoTest for macOS 13 by @pmarkowsky in #977
- Fix loop when no override config is specified by @kallsyms in #981
- Run fuzzing in a VM by @kallsyms in #982
- Use new public api for booting VM into recoveryOS by @kallsyms in #983
- Adopt new ES APIs to watch target paths in tamper client by @mlw in #984
- Fix SNTFileInfo Fuzzing by @kallsyms in #985
- Fix nightly run cron specification by @kallsyms in #986
- Opportunistically use ES cache when possible by @mlw in #989
- Fuzz embedded plist reading by @kallsyms in #990
- Add more event coverage in the file access client by @mlw in #991
- More event type support by @mlw in #992
- lower fuzz case timeout to 5s by @kallsyms in #993
- Change name of santa config keys for file access monitoring by @mlw in #995
- docs: Fix deployment/configuration doc by @russellhancox in #996
- Add policy version and name to basic string serializer by @mlw in #997
- Adopt new FS Access Auth config format and policy application logic by @mlw in #994
- Support configuring signing IDs for process exceptions by @mlw in #998
- Rename type aliases by @mlw in #999
- Add watch item state to santactl status by @mlw in #1000
- Reconnect to santametrics service on failure by @kallsyms in #1001
- Configurator: Apply config updates in non-daemon processes by @russellhancox in #1003
- Low hanging fruit perf changes by @mlw in #1004
- Prevent recursive reconnect attempts by @mlw in #1005
- Revert "Configurator: Apply config updates in non-daemon processes" by @russellhancox in #1008
New Contributors
Full Changelog: 2022.11...2023.1
v2022.11
What's Changed
- Docs: Fix type of {allowed,blocked}_path_regex keys in preflight by @russellhancox in #934
- Prefix tree updates by @mlw in #931
- GUI: Fix distributed notifications in silent mode by @russellhancox in #936
Full Changelog: 2022.10...2022.11
v2022.10
Notes
- Re-added the protobuf value for the EventLogType configuration key. This key remains a BETA and should not be used in production as changes are still being made.
- The block_usb_mount and remount_usb_mode keys can now correctly be synchronized from a server.
- The EnableSilentMode key for the GUI has been fixed. Note: enabling silent mode currently breaks distributed notifications; this is fixed in the 2022.11 release, which should be published within 2 weeks.
What's Changed
- Make SNTCommonEnums a textual header by @itf in #896
- Proto serializer by @mlw in #897
- Fsspool adopt by @mlw in #900
- Fix USB config sync by @np5 in #890
- Machine id proto by @mlw in #907
- Spool writer by @mlw in #908
- Proto minimization by @mlw in #909
- USB: usbBlockMessage is not being used. by @videlanicolas in #915
- Fix issue with transposed remount/banned block messages by @mlw in #917
- Fix: duplicates bug in SNTMetricSet when using multiple fields by @pmarkowsky in #920
- Event metrics by @mlw in #918
- Fix issue in test that would crash on some platforms by @mlw in #922
- Change order that ES clients are enabled by @mlw in #923
- Update Known Limitations for USB Mass Storage Blocking by @pmarkowsky in #924
- GUI: Fix EnableSilentMode key by @russellhancox in #927
- metrics and logging cleanup by @mlw in #928
- Update spool to flush on size thresholds instead of batch counts by @mlw in #930
- Don't add messages when accumulated bytes exceeds threshold by @mlw in #932
Build fixes
- Import fixes by @mlw in #902
- More import fixes by @mlw in #904
- Update include paths and add include guard by @mlw in #905
- Update build docs. by @mlw in #911
- Change include to import by @mlw in #912
- Various changes to fix import by @mlw in #913
- Fix some more includes by @mlw in #914
- More import fixes by @mlw in #921
New Contributors
- @itf made their first contribution in #896
- @videlanicolas made their first contribution in #915
Full Changelog: 2022.9...2022.10
v2022.9
Notes
- This release includes a major overhaul of Santa internals, primarily its logging subsystem and how it interacts with the EndpointSecurity framework to receive events.
- The beta protobuf value for the EventLogType configuration key is not supported in this release.
- The EnableSysxCache configuration key has been removed. There is no longer an option to disable response caching within Santa.
What's Changed
- README: Fix logo link, remove coverage badge by @russellhancox in #882
- README: Try again, this time replacing the correct bit by @russellhancox in #883
- Allstar: Pre-emptively check-in binary_artifacts.yaml to exclude test binaries by @russellhancox in #884
- Refactor the SNTApplicationTest unit tests to function correctly by @pmarkowsky in #885
- Project: Update bazel and apple-rules by @russellhancox in #887
- ES and Logging Interfaces Redesign by @mlw in #888
- Ingestion fixups by @mlw in #891
- Linter and BUILD deps fixups by @mlw in #892
- Build deps by @mlw in #893
- Return a value from the test block by @mlw in #894
- Fix crash flushing cache on unmount events by @mlw in #895
Full Changelog: 2022.8...2022.9
v2022.8
Notes
- Sync state plist is no longer world-readable
- GUI now shows team ID for App Store apps
- Added EnableSilentMode configuration option to disable GUI notifications
- Santa now posts NSDistributedNotificationCenter notifications for block events
What's Changed
- Sync state plist | only allow santad read+write permissions by @bfreezy in #858
- Docs: Add recommended rollout doc by @kathancox in #861
- syncservice: Add tests for NSData+Zlib and Postflight by @russellhancox in #864
- Sync Protocol Docs by @pmarkowsky in #860
- Docs: Add StaticRules to example mobileconfig by @russellhancox in #866
- add link to GitHub in docs by @headmin in #868
- GUI: For App Store published apps, include team ID. by @russellhancox in #872
- GUI: Add silent mode configuration option. by @russellhancox in #871
- Santa: Post distributed notification when showing block UI by @russellhancox in #870
- GUI: Improve signing chain key reporting in distributed notifications. by @russellhancox in #874
- Project: Add a GH action to prevent trailing whitespace by @russellhancox in #873
- GUI: Expose SNTNotificationManager.h for the test. by @russellhancox in #875
- GUI: Missed a required dependency by @russellhancox in #876
- Project: Rename Source/santa -> Source/gui by @russellhancox in #877
- Fix up endTimestamp to be Monarch compliant by @pmarkowsky in #879
Full Changelog: 2022.7...2022.8
v2022.7
Notes
- This release adds Static Rules, which can be used to either manage rules using an MDM or for managing a fallback set of rules in case an issue occurs with a configured sync server.
- Event uploads and logs now include the team ID
- An option to disable event uploads for unknown binaries was added
What's Changed
- Readme: http -> https link by @case in #829
- Add team ID to synced events by @np5 in #827
- Project: Upgrade bazel rules_apple to 1.0.1 release by @russellhancox in #830
- Docs: Add gemfile for running jekyll locally. by @russellhancox in #834
- Use the message copy in the dispatch blocks by @mlw in #839
- adhoc build and run santa by @tburgin in #840
- Docs: Updated home page with README files & nav changes by @kathancox in #841
- CI: Make CI workflow only run on source changes by @russellhancox in #843
- Project: Delete tulsiproj, add basic doc about hedron by @russellhancox in #845
- santad: Allow configuring a static set of rules via configuration profile by @russellhancox in #846
- santad: Improve caching of static rules by @russellhancox in #847
- santasyncservice: Keep XSRF token in memory, don't send to daemon by @russellhancox in #851
- santad: Fix re-establishment of syncservice connection by @russellhancox in #849
- santactl/status: Fix printing of static rules by @russellhancox in #848
- santad: Add DisableUnknownEventUpload option. by @russellhancox in #852
- santad: Log team ID in execution logs, where available by @russellhancox in #850
- Ensure KVO works for USB config options by @pmarkowsky in #853
- Added quick getting started page for deployments by @kathancox in #855
- Add sync server list by @kathancox in #856
- Tests: Fix un-needed expectation in SNTExecutionControllerTest.allEve… by @russellhancox in #857
New Contributors
- @case made their first contribution in #829
- @kathancox made their first contribution in #841
Full Changelog: 2022.6...2022.7