New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Confusing process information on brew install
#215
Comments
brew install
Could it be the infamous notarization checks when binaries are run? https://lapcatsoftware.com/articles/catalina-executables.html IIRC there is a basic command to be able to turn that off in macOS, floating around on the Internet. Can't find it now but IIRC I've implemented it in my system... |
If that was the case, wouldn't it reach out to Apple servers, not GitHub? I'm assuming this is actually LuLu catching Homebrew talking to GitHub to get the latest list of packages e.g. |
Oh my bad I didn't check the IP. Sorry for potentially useless comment. |
-switched to using audit token vs pid (#215) -show (error alerts) on main thread -added 'kMDItemFSCreationDate' fallback when 'kMDItemDateAdded' is nil
Thanks for the feedback! Before I was using the reported process id (pid), which could be problematic if the process forked/exec'd, or exited and the pid was re-used (LuLu would then report the wrong path 😅). Good news, I refactored the code to now use the process's audit token (which should never be re-used). This should fix this issue! Could you test the latest beta to confirm the fix? Mahalo again! |
Much appreciated!!! This bug was making me a bit unweary about my system being compromised in some way, especially when I saw the network connections being reported for my own software 😄 Thanks for looking into it!! Will test the beta and report back ASAP! |
Looking good now! 😊 I guess there's nothing to do about So unless I specify a remote endpoint rule scope, Thanks! |
(Not saying LuLu isn't excellent, just trying to understand the considerations and possible threat models) 😊 |
Correct, hence the addition of endpoint rules :) |
Thanks! Love your tools, will bump my patreon tier! ❤️ |
When doing e.g.
brew install llvm
, LuLu catches brew reaching out to its package repo. But the resulting dialogs are a bit confusing in what caused this:Why is
/usr/bin/cp
and/usr/local/blame/rm
blamed for the network connection?The text was updated successfully, but these errors were encountered: