Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
T1037.005, T1543.001, T1543.004 Persist Tests Enhancements #2755
T1037.005, T1543.001, T1543.004 Persist Tests Enhancements #2755
Changes from 9 commits
afed987
00cda3b
71a42e0
0af9659
6dd6121
2e675e9
eb787ee
c818718
e54292a
bb1db71
318fbc9
1aa965a
ad84a7f
7803603
38e6f4e
065e891
3b06607
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My suggestion here would be instead of creating a new test, we can create a new input argument in the previous test
launch_daemons_path
and have a default value of/Library/LaunchDaemons
. If needed, others can change this path to execute in a different directory(say Users directory). What are your thoughts ?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apologies for the late response, I was on time off myself. I think that could be a valid solution as well, and perhaps more useful for some strange edge cases, but launch daemons are only seen and ran if placed in one of these two directories. Putting it anywhere else wouldn't quite be fair to say is emulating any sort of attack because it would never be run (not automatically by the OS, that is). Could be done, but for the sake of cutting out user input I think this would be fine for now.