Daniel Roethlisberger
Daniel Roethlisberger
Detect the installation of Login Items and produce eventcode 4 events from it.
Config changes are already monitorable by watching eventcode 0 for unexpected settings and agent restarts. However, self-defense could be further improved, perhaps by: - Including hashes of configuration file in...
10.14 will add identity tokens to audit records. They seem to carry code signing information of the binary which caused the audit event. ``` identity,0,com.apple.airport.airportd,complete,,complete,0x9003b5ecb83f531df993b3a68d34cde808b38381 ``` Needs some testing, but...
Provide a machine readable JSON schema for the JSON log format.
Current suppression system works, but is inflexible. Should gain flexibility, such as: - Suppress eventcode 2 for image ident=com.apple.bsdiff if subject ident=com.logmein.GoToMeeting.G2MUpdate teamid=GFNFVT632V - Suppression by path relative to user...
From #855: > I would be curious what your environment looks like for building DwarfCorp on Mac, and I would be happy to update our documentation with instructions for how...
Latest veles for macOS (it reports itself as 2018.05.0.TIF in it's about dialogue) fails to launch properly on my system. The installed app bundle starts, but fails to do anything...
Use OpenSSL facilities to parse the CN from the DN. This allows to correctly parse certificates which have additional DN components after the CN, such as "emailAddress". The manual parsing...
Add proper autoconfiguration for all the dependencies. This brings standard ways to point configure to the installation location of the dependencies. It also makes configure pick up dependencies installed outside...
Proposed fix for issue #18: fix the ASN.1 syntax of the OCSP tryLater response in the OCSP denier.