mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-04 15:39:42 +00:00
Code Activity

update Security Audit Report

Browse Source
This commit is contained in:
Tw93
2025-12-26 18:39:53 +08:00
parent 22db4291ce
commit cebbc8396a
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
SECURITY_AUDIT.md
View File

@@ -1,8 +1,8 @@
# Mole Security Audit Report # Mole Security Audit Report
**Date:** December 22, 2025 **Date:** December 26, 2025
**Audited Version:** Current `main` branch (V1.14.0) **Audited Version:** Current `main` branch
**Status:** Passed **Status:** Passed
@@ -34,6 +34,9 @@ Mole's automated shell-based operations (Clean, Optimize, Uninstall) do not exec
- **Risk**: A malicious or accidental symlink could point from a cache folder to a system file. - **Risk**: A malicious or accidental symlink could point from a cache folder to a system file.
- **Defense**: Mole explicitly refuses to recursively delete symbolic links in privileged mode. - **Defense**: Mole explicitly refuses to recursively delete symbolic links in privileged mode.
- **Layer 4: User File Permission Management**
When Mole runs with `sudo`, it automatically corrects file ownership to prevent user files from becoming root-owned. All operations are restricted to the user's home directory with multiple validation checkpoints.
## 2. Interactive Analyzer Safety (Go Architecture) ## 2. Interactive Analyzer Safety (Go Architecture)
The interactive analyzer (`mo analyze`) operates on a different security model focused on manual user control: The interactive analyzer (`mo analyze`) operates on a different security model focused on manual user control:
@@ -82,6 +85,9 @@ We anticipate that scripts can be interrupted (e.g., power loss, `Ctrl+C`).
- **Network Interface Reset**: Wi-Fi and AirDrop resets use **atomic execution blocks**. - **Network Interface Reset**: Wi-Fi and AirDrop resets use **atomic execution blocks**.
- **Swap Clearing**: Swap files are reset by securely restarting the `dynamic_pager` daemon. We intentionally avoid manual `rm` operations on swap files to prevent instability during high memory pressure. - **Swap Clearing**: Swap files are reset by securely restarting the `dynamic_pager` daemon. We intentionally avoid manual `rm` operations on swap files to prevent instability during high memory pressure.
- **Unresponsive Volume Protection**: During volume scanning, Mole uses `run_with_timeout` and filesystem type validation (`nfs`, `smbfs`, etc.) to prevent the script from hanging on unresponsive or slow network mounts. - **Unresponsive Volume Protection**: During volume scanning, Mole uses `run_with_timeout` and filesystem type validation (`nfs`, `smbfs`, etc.) to prevent the script from hanging on unresponsive or slow network mounts.
- **Homebrew Cache Intelligence**: Pre-check using `run_with_timeout 3 du -sk` to skip cleanup when cache is <50MB, preventing unnecessary 30-120s delays.
- **Smart Project Detection**: Two-tier detection (common dev directories + project markers) with timeout protection to avoid slow scans.
- **Network Volume Recognition**: Uses `diskutil info` with timeout to detect network protocols (SMB/NFS/AFP/CIFS/WebDAV), preventing hangs on slow mounts.
## 5. User Control & Transparency ## 5. User Control & Transparency