Enhancement: Allow rules to be filtered by user #1280

Open
S-Groening opened this issue Feb 2, 2024 · 1 comment

Comments

@S-Groening

It would be immensely powerful, being able to only let a given rule either apply or not apply to a given user.

Effectively, this could help admins secure [configuration] files that are not governed by System Integrity Protection (SIP) from any user(-s) or any other user(-s) than certain user(-s) - e.g. securing /etc/sudoers and /etc/sudoers.d/* from any user(-s) except your local admin or the user that your management solution (e.g. Jamf Pro) uses for management purposes.

This way, through the use of rules with Santa, you'd be able to secure otherwise vulnerable files from users exploring their sudo rights' capabilities in a potentially harmful manner.

@pmarkowsky
Contributor

This potentially could be done with something like CEL as proposed in #1200.
