This repository has been archived by the owner on Sep 27, 2023. It is now read-only.
Releases: 0xmachos/mOSL
Releases · 0xmachos/mOSL
1.5.0
Improvements
- Self verify Lockdown's signature with
minisign
before doing anything (192b6e5)
Bug Fixes
1.4.0
1.3.1
1.3.0
1.2.0
Verification
- Added the ability to verify the executable
Lockdown
file via Minisign - Added
Lockdown.minisig
signature file (baf5047) - See the README Verification section for more
Minor improvements
- Query
fdesetup status
for FileVault status instead ofgrep
ingdiskutil apfs list
(79ede97)
1.1.1
1.1.0
1.0.1
Minor improvements and bug fixes
- Changed language from
item(s)
tosetting(s)
(4350a5e) - When running
fix
mode the audit results are no longer also printed (822bd0f) - Use
sudo --prompt
to getsudo
privileges rather than waiting for the first command which usessudo
to prompt the user for their password (add16bb & d8ca512)- For
enable_admin_password_preferences
invoke thesecurity
write
command withsudo
to prevent the system password prompt appearing (dadcfe0)
- For
- Update
fix
mode output messages (c36576f) - main: Remove condition from final else case (b37561d)
Initial Release
Reached a good baseline of eighteen (18) settings to audit, can remediate thirteen (13).
All audit and fix commands are considered correct and stable.
Settings:
enable automatic updates
enable gatekeeper
enable firewall
enable admin password preferences
enable terminal secure entry
disable firewall builin software
disable firewall downloaded signed
disable ipv6
disable mail remote content
disable remote apple events
disable remote login
set airdrop contacts only
set appstore update check daily
check SIP
check kext loading consent
check EFI integrity
check filevault
check firmware password set