From cebbc8396aea9d3d96d78402f551beda118810c1 Mon Sep 17 00:00:00 2001 From: Tw93 Date: Fri, 26 Dec 2025 18:39:53 +0800 Subject: [PATCH] update Security Audit Report --- SECURITY_AUDIT.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/SECURITY_AUDIT.md b/SECURITY_AUDIT.md index 0105231..eee7aa8 100644 --- a/SECURITY_AUDIT.md +++ b/SECURITY_AUDIT.md @@ -1,8 +1,8 @@ # Mole Security Audit Report -**Date:** December 22, 2025 +**Date:** December 26, 2025 -**Audited Version:** Current `main` branch (V1.14.0) +**Audited Version:** Current `main` branch **Status:** Passed @@ -34,6 +34,9 @@ Mole's automated shell-based operations (Clean, Optimize, Uninstall) do not exec - **Risk**: A malicious or accidental symlink could point from a cache folder to a system file. - **Defense**: Mole explicitly refuses to recursively delete symbolic links in privileged mode. +- **Layer 4: User File Permission Management** + When Mole runs with `sudo`, it automatically corrects file ownership to prevent user files from becoming root-owned. All operations are restricted to the user's home directory with multiple validation checkpoints. + ## 2. Interactive Analyzer Safety (Go Architecture) The interactive analyzer (`mo analyze`) operates on a different security model focused on manual user control: 
@@ -82,6 +85,9 @@ We anticipate that scripts can be interrupted (e.g., power loss, `Ctrl+C`). - **Network Interface Reset**: Wi-Fi and AirDrop resets use **atomic execution blocks**. - **Swap Clearing**: Swap files are reset by securely restarting the `dynamic_pager` daemon. We intentionally avoid manual `rm` operations on swap files to prevent instability during high memory pressure. - **Unresponsive Volume Protection**: During volume scanning, Mole uses `run_with_timeout` and filesystem type validation (`nfs`, `smbfs`, etc.) to prevent the script from hanging on unresponsive or slow network mounts. +- **Homebrew Cache Intelligence**: Pre-check using `run_with_timeout 3 du -sk` to skip cleanup when cache is <50MB, preventing unnecessary 30-120s delays. +- **Smart Project Detection**: Two-tier detection (common dev directories + project markers) with timeout protection to avoid slow scans. +- **Network Volume Recognition**: Uses `diskutil info` with timeout to detect network protocols (SMB/NFS/AFP/CIFS/WebDAV), preventing hangs on slow mounts. ## 5. User Control & Transparency
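Review bot: the first hunk (`@@ -1,8 +1,8 @@`) drops the only concrete version reference, changing `**Audited Version:** Current `main` branch (V1.14.0)` to `**Audited Version:** Current `main` branch`, which makes the "Passed" status unreproducible because `main` is a moving target and a reader cannot tell which code the audit actually covered. Keep a fixed identifier next to the branch name, either the release tag or the commit hash the audit was run against, and bump the date together with it as this patch already does.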
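Review bot: the new `Layer 4: User File Permission Management` bullet in the second hunk (`@@ -34,6 +34,9 @@`) asserts that ownership is "automatically corrected" under `sudo` and that there are "multiple validation checkpoints", but names neither the mechanism nor the checks, so the claim cannot be audited from the report. State how the target user is derived (the invoking user rather than the effective uid), whether the correction is recursive and, if so, how it treats symbolic links, since the `Layer 3` bullet directly above says symlinks are refused for recursive deletion and the same hazard applies to a recursive `chown` that follows links out of the home directory. Also list the validation checkpoints, or point to the function that implements them, instead of the unquantified "multiple".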
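Review bot: in the third hunk (`@@ -82,6 +85,9 @@`), `**Network Volume Recognition**` restates the `**Unresponsive Volume Protection**` bullet two lines above it (both describe timeouts and filesystem/protocol checks for `nfs`/`smbfs`-style mounts), so merge the two into one bullet and say which check runs first, `diskutil info` or the filesystem type validation. The `**Homebrew Cache Intelligence**` bullet should also document the failure path: `run_with_timeout 3 du -sk` can expire or fail without producing a size, and the text does not say whether cleanup then proceeds or is skipped; the safe default (skip on unknown size) is worth stating explicitly. Finally, the Homebrew and `**Smart Project Detection**` bullets describe speed optimisations rather than interruption handling, so they fit better under a performance heading than under the section that opens with "We anticipate that scripts can be interrupted".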