Mole/lib at 7dc854cf30d2a2f2d8a38ac979ade42cba75f9c2 - Mole

mirror of https://github.com/tw93/Mole.git synced 2026-02-04 14:26:46 +00:00

Files

Tw93 7dc854cf30 fix(uninstall): enhance receipt file processing safety and prevent system file deletion

CRITICAL SECURITY FIX

Enhanced the receipt file parsing in uninstall operations to prevent
accidental deletion of critical system files while maintaining deep
cleanup capabilities.

Changes:
- Tightened whitelist in find_app_receipt_files() to exclude /Users/*,
  /usr/*, and /opt/* broad patterns
- Added explicit blacklist for /private/* with safe exceptions for
  logs, temp files, and diagnostic data
- Integrated should_protect_path() check for additional protection
- Added file deduplication with sort -u to prevent duplicate deletions
- Removed dry-run feature from batch uninstall (unused entry point)

Path Protection:
✅ Blocked: /etc/passwd, /var/db/*, /private/etc/*, all system binaries
✅ Allowed: /Applications/*, specific /Library/* subdirs, safe /private/* paths
✅ Additional: Keychain files, system preferences via should_protect_path()

This fixes a critical security issue where parsing .bom receipt files
could result in deletion of system files like /etc/passwd and /var/db/*,
leading to system corruption and data loss.

Affects: V1.12.14 and later versions
Testing: Validated against critical system paths, all blocked correctly

2026-01-15 21:01:11 +08:00

check

refactor: standardize epoch time retrieval with get_epoch_seconds and ensure locale-independent string transformations.

2026-01-03 18:07:47 +08:00

clean

fix: prevent Microsoft Teams from being misdetected as Edge

2026-01-15 09:51:56 +08:00

core

fix(uninstall): enhance receipt file processing safety and prevent system file deletion

2026-01-15 21:01:11 +08:00

manage

refactor: improve code quality and test coverage