DeepGuard can be bypassed via shell commands

Hi I'm using macOS Big Sur now, but this problem also exists on Catalina. 


Details:

I set up an obverse rule for  folder '~/test', apps try to access it will trigger a DeepGuard dialog. However, when I use '$cd ~/test', in the folder I run commands like $rm $mv $touch, all succeed w/o any faults,  and I get 0 DeepGuard dialog.


Expected behaviour:

Shell commands that try to access protected folders should also trigger a DeepGuard dialog.

Accepted Answer

Answers

  • 66f2e490
    66f2e490 Posts: 56 Contributor

    Hi pajp, thanks for your detailed answer. Currently I'm using "Classic" mode now.

    Have done some tests under "Strict" mode, I did find some shell commands are still excepted from DeepGuard: cd/ls/mv/cp.. Are ALL commands under "/bin" excepted from DG, and is this by design too?

    Have a nice weekend:)

This discussion has been closed.
Feedback on New Design