[GlowWorm FW v1.5.2b5]

Release date: 2007.01.30

Revision number: 1728

Download link: GlowWorm-1.5.2b5.dmg.zip


   [Comments]

There was a long-standing issue in the Installer that prevented it from recognizing that GlowWorm.framework needed to be updated. This bug did not affect new installations.

Started work on a new feature dubbed "process chains" for the time being. This should provide a significantly greater level of control. The problem it should address is as follows: if you use telnet on a regular basis (i.e., to make sure that your internet connection is alive, or that some service on a remote machine is in fact listening on the correct port), what permissions would you assign it in GlowWorm? Given the broad scope of possible remote hosts, the rule would likely need a lengthy list of endpoints. Process chains provide a possible alternative.

Beyond simply limiting telnet to being run by a specific user account or only allowing it to connect to specific remote hosts, we want to limit access based on the "chain" of parent processes leading up to the execution of telnet. For instance, launchd is the parent of WindowServer, which is the parent of Terminal, which is the parent of login, which is the parent of bash, which is the parent of telnet. With this kind of control, most attacks that achieve arbitrary code execution and subsequently make use of common tools would be prevented. It is important to realize that this feature does not necessarily have to pertain to network access at all; it can apply simply to file execution. The backend feature set for supporting this is called FileOps, for the time being.
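A sketch of the ancestry check described above, added here as an illustration and not taken from GlowWorm or FileOps. The process table, the pids, the `httpd`/`sh` branch and the function names are constructed assumptions, and processes are matched by name only.

```c
#include <stdio.h>
#include <string.h>

/* Constructed process-table entry; a real firewall would read this from the kernel. */
struct proc { int pid; int ppid; const char *name; };

/* Constructed sample table: telnet started from Terminal, and telnet started
 * by a shell under a network daemon (the case the rule should refuse). */
static const struct proc table[] = {
    {1, 0, "launchd"},   {60, 1, "WindowServer"}, {210, 60, "Terminal"},
    {211, 210, "login"}, {212, 211, "bash"},      {300, 212, "telnet"},
    {80, 1, "httpd"},    {81, 80, "sh"},          {301, 81, "telnet"},
};

/* Hypothetical rule: the chain from the text, listed child first, root last. */
static const char *const telnet_chain[] = {
    "telnet", "bash", "login", "Terminal", "WindowServer", "launchd",
};
#define TELNET_CHAIN_LEN (sizeof telnet_chain / sizeof telnet_chain[0])

static const struct proc *find_proc(int pid) {
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++)
        if (table[i].pid == pid) return &table[i];
    return NULL;
}

/* Returns 1 only if the ancestry of pid equals the rule exactly. The loop is
 * bounded by rule_len, so a corrupt table with a parent cycle cannot hang it. */
int chain_allowed(int pid, const char *const *rule, size_t rule_len) {
    const struct proc *p = find_proc(pid);
    for (size_t i = 0; i < rule_len; i++) {
        if (p == NULL || strcmp(p->name, rule[i]) != 0) return 0;
        p = (p->ppid == 0) ? NULL : find_proc(p->ppid);
    }
    return p == NULL; /* no ancestors beyond the rule */
}

int main(void) {
    printf("pid 300: %s\n", chain_allowed(300, telnet_chain, TELNET_CHAIN_LEN) ? "allow" : "deny");
    printf("pid 301: %s\n", chain_allowed(301, telnet_chain, TELNET_CHAIN_LEN) ? "allow" : "deny");
    return 0;
}
```

Both telnet processes would pass a rule keyed on the executable alone; only the ancestry distinguishes the interactive session from the one spawned under the daemon.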

In support of this feature, the Application table in the edit-rule panel in Rule Editor has been updated with a seemingly useless expand-triangle. With Process Chain support, one will be able to specify a list of applications for each entry in the table.


   [Changelog]

  • Fixed an issue in Installer.app that caused upgrades to fail silently.
  • Renamed the Process tab to User & Group in Rule Editor.
  • Cleaned up the preference pane in Menubar.app.
  • Added partial back-end support for process chains.
  • Added GUI support for process chains in the Application tab of Rule Editor.
  • Added potential fix for a redraw issue in the Rule Editor by forcing thread synchronization.

© Symphonic Systems, 2006 All Rights Reserved