Releases: google/santa
v0.8.4
Notes
Fixed a few minor bugs and added daemon status to status command.
Update configuration auto-reloading to be less stupid, added daemon status to 'santactl status' and a few minor bug fixes.
Highlights
- Re-write of configuration auto-reloading
- Allow notification window to be moved
- Added daemon status to 'santactl status' output
- Fixed bug in machine ID/owner config option parsing
- Added daemon-auto-killer in driver when PostToQueue has failed several times.
v0.8.3
Notes
Some updates to make the GUI more useful and configurable and make the configuration system auto-reload in each component that uses it.
Highlights
- Make GUI cleaner for users
- Make GUI configurable using configuration file
- Make configuration auto-reload when file on disk changes
- Fixes for "santactl sync" command, updates to sync API
- Update locking mechanism in driver
- Many bug fixes
v0.8.2
Notes
A few driver updates to improve reliability and some minor sync client changes
Highlights
- Increase kext<->daemon event queue size
- Remove process listener, it wasn't that useful and it broke certain apps (like Hopper)
- Change when driver considers daemon connected to avoid a rare race condition
- Make sync client refuse redirects
- Make sync client upload pid/ppid data with events
- Fix potential crash in sync client related to client cert handling
v0.8.1
Notes
Small release that moves the execution interception startup much earlier in the driver load. This allows the logging of binaries that are executed while the daemon is not running.
This involved a lot of kext changes and has had only minimal testing so there may be some kernel panics.
Highlights
- Move execution interception to driver load, logging and allowing any binaries when santad is not running
v0.8
Notes
Lots of changes in this release and some are not backwards-compatible so existing databases will need to be removed before installing. This release also changes the syncing format for event uploads.
Highlights
- Move file hashing into userland, switch over to SHA-256 hashing for both binaries and certificates
- Change sync format, particularly for event uploads.
- Simplify event database schema
- Change logging format.
- Log out-of-scope executions
- Added rule command to santactl (thanks @nl5887)
- More options for client cert auth in sync (thanks @nl5887)
- Slight improvements to notification UI
v0.7.1
Notes
Fix a few bugs in the initial release.
Highlights
- Deadlock bug on Yosemite caused by xpcproxy
- Clean-up logic fail introduced in 6b40dc2
- Always re-create GUI connection on main thread
- Make the asl.conf file actually claim the kernel messages and add rotation config
v0.7
Notes
First public release