[DeepGuard] TeamID in rules no longer work

66f2e490
66f2e490 Posts: 51 Contributor
edited October 14 in Home Security Beta Programs

Hi Dev team,

With the newest release Version 19.8 (63381) I found that TeamID in rules are not working properly in strict mode.

For example, I only allow apps with TeamID UBF8T346G9, which is Microsoft-Apps that can read/write .xlsx file:

allow suffix ".xlsx" "/ via any" rw "" "UBF8T346G9" ; Microsoft

This works in pervious version.

As the screenshot I attached here:

  • file type ".uuidcache-114514-2" is not pre-defined. Deleting this file will trigger a DeepGuard pop-up, which I rejected.
  • file-type ".xlsx" is configured as only processes with TeamID UBF8T346G9 can access it. But deleting it won't trigger any DeepGuard pop-up and thus user will have no chance to notice this event.

I checked the other rules that has TeamID, and it seems that these rules do not check the TeamID but instead allow the rule for all processes.

ProductName:macOS

ProductVersion:15.1

BuildVersion:24B5070a

F-Secure: Version 19.8 (63381), DeepGuard is running under strict mode.

Bildschirmfoto 2024-10-14 um 04.52.08.jpg

1Like Awesome

Answers

  • 66f2e490
    66f2e490 Posts: 51 Contributor
    edited October 14

    After downgrading to Version 19.7 (62280), TeamID in rules is working again.

    *only in this form:

    allow suffix ".xlsx" "/ via any" rw "" "UBF8T346G9" ; Microsoft

    Bildschirmfoto 2024-10-14 um 17.25.32.jpg

    1Like Awesome

Categories