Feature Suggestion: Certificate Based Global Rules

Vallum application firewall
Post Reply
jasmas
Posts: 3
Joined: Wed Apr 29, 2015 10:05 pm

Feature Suggestion: Certificate Based Global Rules

Post by jasmas » Thu Jul 06, 2017 6:34 am

I appreciate the conceptual idea behind the current implementation of Global Rules and Managed Folders, but am hesitant to use either because I'd like to be able to rely on Vallum to catch malicious software if it is hidden in default executable directories or attempting to access iCloud. What would be really useful is if I could create global rules based on trusted certificates. I'd like to be able to create global rules based on either specific trusted developer signing certificates or trusted CAs and intermediate authorities with inheritance. It would also be useful if when prompted by Vallum a global rule could be created right from the prompt based on the application's signature to either trust either the specific certificate used to sign the executable or all certificates issued by a CA in the chain of authority. This would give me an easy way to trust all software shipped by Apple for example.

I'm not sure, but it may also help with the problem of how to create rules for scripting engines, such as python and ruby because the macOS code signing implementation is capable of signing and verifying signatures on the script files themselves.

Post Reply