mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-04 12:41:46 +00:00
Code Activity

security: restrict BOM whitelist to prevent shared component deletion

Browse Source 
- Removes shared directories (Frameworks, Plugins, etc) from receipt scanning whitelist
- Ensures that uninstalling an app won't accidentally delete shared system libraries
- Updates SECURITY_AUDIT.md to reflect stricter receipt scanning policy
This commit is contained in:
Tw93
2026-01-16 09:54:36 +08:00
parent 93953abad6
commit 06342de24f
2 changed files with 1 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/core/app_protection.sh
View File

@@ -950,13 +950,6 @@ find_app_receipt_files() {
/Library/LaunchAgents/*) is_safe=true ;;
/Library/LaunchDaemons/*) is_safe=true ;;
/Library/PrivilegedHelperTools/*) is_safe=true ;;
/Library/Internet\ Plug-Ins/*) is_safe=true ;;
/Library/Audio/Plug-Ins/*) is_safe=true ;;
/Library/Frameworks/*) is_safe=true ;;
/Library/Input\ Methods/*) is_safe=true ;;
/Library/QuickLook/*) is_safe=true ;;
/Library/PreferencePanes/*) is_safe=true ;;
/Library/Screen\ Savers/*) is_safe=true ;;
/Library/Extensions/*) is_safe=false ;;
*) is_safe=false ;;
esac