cancel
Showing results for 
Search instead for 
Did you mean: 

XFENCE not denying access to a file

Highlighted
Aspirant

XFENCE not denying access to a file

I created the below rule

Deny any /Library/Application Support/JAMF/ManagementFrameworkScripts/StartupScript.sh rwc

but then I can

cat /Library/Application Support/JAMF/ManagementFrameworkScripts/StartupScript.sh

 and get the file contents. vim can also edit and save the file.

 

XFENCE seems to be working on other paths, so why not this one? Also I can confirm I have no rules specifically permitting this path and no rule specifically permitting cat and vim to access any files although I'd hope a deny takes precedence.