v2.1.3

improved 'find app bundle' algorithm
notarization mode will now allow iOS/App Store apps

Application/Application.xcodeproj/project.pbxproj

@@ -31,7 +31,6 @@
 		CD2F801724468A8C009C3D77 /* patrons.txt in Resources */ = {isa = PBXBuildFile; fileRef = CD2F801624468A8C009C3D77 /* patrons.txt */; };
 		CD32C2352094062D009CADF6 /* SigningInfoViewController.m in Sources */ = {isa = PBXBuildFile; fileRef = CD32C2332094062C009CADF6 /* SigningInfoViewController.m */; };
 		CD6836682391DB6F00CF19C1 /* security.plist in Resources */ = {isa = PBXBuildFile; fileRef = CD6836672391DB6F00CF19C1 /* security.plist */; };
-		CD80B7E527C6E4A300AD7BC1 /* BlockBlock Installer.app in Resources */ = {isa = PBXBuildFile; fileRef = CD80B7E427C6E4A300AD7BC1 /* BlockBlock Installer.app */; };
 		CD8FD5D523BAE2D200EFE0FB /* Preferences.xib in Resources */ = {isa = PBXBuildFile; fileRef = CD8FD5D323BAE2D100EFE0FB /* Preferences.xib */; };
 		CD8FD5D623BAE2D200EFE0FB /* PrefsWindowController.m in Sources */ = {isa = PBXBuildFile; fileRef = CD8FD5D423BAE2D200EFE0FB /* PrefsWindowController.m */; };
 		CD8FD5F623C05AD900EFE0FB /* RuleRow.m in Sources */ = {isa = PBXBuildFile; fileRef = CD8FD5F023C05AD800EFE0FB /* RuleRow.m */; };
@@ -40,6 +39,7 @@
 		CD8FD5FA23C05AD900EFE0FB /* Rules.xib in Resources */ = {isa = PBXBuildFile; fileRef = CD8FD5F523C05AD900EFE0FB /* Rules.xib */; };
 		CD8FD5FD23C05C6900EFE0FB /* Rule.m in Sources */ = {isa = PBXBuildFile; fileRef = CD8FD5FC23C05C6900EFE0FB /* Rule.m */; };
 		CDA88A792537CE2400C469BF /* Sentry.framework in CopyFiles */ = {isa = PBXBuildFile; fileRef = CD21501B20AD2EE000CEF17B /* Sentry.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; };
+		CDB964CE27D0774800A9674E /* BlockBlock Installer.app in Resources */ = {isa = PBXBuildFile; fileRef = CDB964CD27D0774800A9674E /* BlockBlock Installer.app */; };
 		CDFA08E1214900BF0089758C /* XPCUser.m in Sources */ = {isa = PBXBuildFile; fileRef = CDFA08DF214900BF0089758C /* XPCUser.m */; };
 /* End PBXBuildFile section */
 
@@ -101,7 +101,6 @@
 		CD32C2332094062C009CADF6 /* SigningInfoViewController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SigningInfoViewController.m; sourceTree = "<group>"; };
 		CD32C2342094062C009CADF6 /* SigningInfoViewController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SigningInfoViewController.h; sourceTree = "<group>"; };
 		CD6836672391DB6F00CF19C1 /* security.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = security.plist; sourceTree = "<group>"; };
-		CD80B7E427C6E4A300AD7BC1 /* BlockBlock Installer.app */ = {isa = PBXFileReference; lastKnownFileType = wrapper.application; name = "BlockBlock Installer.app"; path = "../DerivedData/BlockBlock/Build/Products/Release/BlockBlock Installer.app"; sourceTree = "<group>"; };
 		CD8FD5D123B585FE00EFE0FB /* FileMonitor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FileMonitor.h; path = ../Shared/Libraries/FileMonitor.h; sourceTree = "<group>"; };
 		CD8FD5D223BAE2D100EFE0FB /* PrefsWindowController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PrefsWindowController.h; sourceTree = "<group>"; };
 		CD8FD5D323BAE2D100EFE0FB /* Preferences.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = Preferences.xib; sourceTree = "<group>"; };
@@ -115,6 +114,7 @@
 		CD8FD5F523C05AD900EFE0FB /* Rules.xib */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.xib; path = Rules.xib; sourceTree = "<group>"; };
 		CD8FD5FB23C05C6900EFE0FB /* Rule.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Rule.h; path = ../Shared/Rule.h; sourceTree = "<group>"; };
 		CD8FD5FC23C05C6900EFE0FB /* Rule.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = Rule.m; path = ../Shared/Rule.m; sourceTree = "<group>"; };
+		CDB964CD27D0774800A9674E /* BlockBlock Installer.app */ = {isa = PBXFileReference; lastKnownFileType = wrapper.application; name = "BlockBlock Installer.app"; path = "../DerivedData/BlockBlock/Build/Products/Release/BlockBlock Installer.app"; sourceTree = "<group>"; };
 		CDFA08D7214606DB0089758C /* XPCDaemonProto.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = XPCDaemonProto.h; path = ../Shared/XPCDaemonProto.h; sourceTree = "<group>"; };
 		CDFA08DB21460A400089758C /* XPCUserProto.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = XPCUserProto.h; path = ../Shared/XPCUserProto.h; sourceTree = "<group>"; };
 		CDFA08DF214900BF0089758C /* XPCUser.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = XPCUser.m; path = ../Shared/XPCUser.m; sourceTree = "<group>"; };
@@ -244,7 +244,7 @@
 		CD80B7E327C6E49100AD7BC1 /* Uninstaller */ = {
 			isa = PBXGroup;
 			children = (
-				CD80B7E427C6E4A300AD7BC1 /* BlockBlock Installer.app */,
+				CDB964CD27D0774800A9674E /* BlockBlock Installer.app */,
 			);
 			name = Uninstaller;
 			sourceTree = "<group>";
@@ -346,7 +346,7 @@
 				CD2F801724468A8C009C3D77 /* patrons.txt in Resources */,
 				CD8FD5FA23C05AD900EFE0FB /* Rules.xib in Resources */,
 				7D7755F01F02E05B00D0017D /* MainMenu.xib in Resources */,
-				CD80B7E527C6E4A300AD7BC1 /* BlockBlock Installer.app in Resources */,
+				CDB964CE27D0774800A9674E /* BlockBlock Installer.app in Resources */,
 				7DD25FF01F23B73C00277EC4 /* Assets.xcassets in Resources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
@@ -516,15 +516,15 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
 				INFOPLIST_FILE = Application/Info.plist;
 				LD_RUNPATH_SEARCH_PATHS = "$(LD_RUNPATH_SEARCH_PATHS_$(IS_MACCATALYST)) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = "";
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.objective-see.blockblock.helper";
 				PRODUCT_NAME = "BlockBlock Helper";
@@ -538,15 +538,15 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
 				INFOPLIST_FILE = Application/Info.plist;
 				LD_RUNPATH_SEARCH_PATHS = "$(LD_RUNPATH_SEARCH_PATHS_$(IS_MACCATALYST)) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = "";
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				PRODUCT_BUNDLE_IDENTIFIER = "com.objective-see.blockblock.helper";
 				PRODUCT_NAME = "BlockBlock Helper";

Daemon/Daemon.xcodeproj/project.pbxproj

@@ -520,7 +520,7 @@
 				CODE_SIGN_ENTITLEMENTS = "$(SRCROOT)/Daemon/BlockBlock.entitlements";
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
@@ -532,7 +532,7 @@
 					"$(SDKROOT)/usr/lib/system",
 				);
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				OTHER_CFLAGS = "-DDAEMON_BUILD=1";
 				PRODUCT_BUNDLE_IDENTIFIER = "com.objective-see.blockblock";
@@ -549,7 +549,7 @@
 				CODE_SIGN_ENTITLEMENTS = "$(SRCROOT)/Daemon/BlockBlock.entitlements";
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
@@ -561,7 +561,7 @@
 					"$(SDKROOT)/usr/lib/system",
 				);
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				OTHER_CFLAGS = "-DDAEMON_BUILD=1";
 				PRODUCT_BUNDLE_IDENTIFIER = "com.objective-see.blockblock";

Daemon/Daemon/Plugins/Processes.m

@@ -57,6 +57,9 @@ -(BOOL)shouldIgnore:(Process*)process
     //item path
     NSString* path = nil;
 
+    //app bundle
+    NSBundle* appBundle = nil;
+
     //app's path
     NSString* appPath = nil;
 
@@ -123,7 +126,7 @@ -(BOOL)shouldIgnore:(Process*)process
     }
 
     //not a script
-    // ignore apple / notarized processes
+    // ignore here if it's an apple or notarized processes
     else if( (YES == process.isPlatformBinary.boolValue) ||
              (YES == [process.signingInfo[KEY_SIGNING_IS_NOTARIZED] boolValue]) )
     {
@@ -133,9 +136,33 @@ -(BOOL)shouldIgnore:(Process*)process
         //done
         goto bail;
     }
-
+    
     //dbg msg
     logMsg(LOG_DEBUG, [NSString stringWithFormat:@"using path: %@", path]);
+
+    //not a script?
+    // grab app bundle (for subsequent checks)
+    if(YES != isScript)
+    {
+        //find app bundle
+        appBundle = findAppBundle(path);
+        if(nil != appBundle)
+        {
+            //dbg msg
+            logMsg(LOG_DEBUG, @"is app, with bundle...");
+        }
+    }
+
+    //is from app store?
+    // ignore, as it's trusted (though not 'notarized' per se)
+    if(nil != appBundle.appStoreReceiptURL)
+    {
+        //dbg msg
+        logMsg(LOG_DEBUG, [NSString stringWithFormat:@"%@ has an app store receipt, will allow", process.name]);
+
+        //done
+        goto bail;
+    }
 
     //not translocated
     // ...if quarantined, make sure it's user approved
@@ -169,9 +196,8 @@ -(BOOL)shouldIgnore:(Process*)process
             goto bail;
         }
 
-
-        //get app bundle
-        appPath = findAppBundle(path).bundlePath;
+        //get app path
+        appPath = appBundle.bundlePath;
 
         //also check app bundle
         // to see if it has been approved

Installer/Installer.xcodeproj/project.pbxproj

@@ -403,14 +403,14 @@
 				CODE_SIGN_ENTITLEMENTS = "";
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				CODE_SIGN_STYLE = Manual;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
 				GCC_WARN_ABOUT_MISSING_FIELD_INITIALIZERS = NO;
 				INFOPLIST_FILE = Helper/Info.plist;
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				OTHER_CODE_SIGN_FLAGS = "";
 				OTHER_LDFLAGS = (
@@ -438,14 +438,14 @@
 				CODE_SIGN_ENTITLEMENTS = "";
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				CODE_SIGN_STYLE = Manual;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
 				GCC_WARN_ABOUT_MISSING_FIELD_INITIALIZERS = NO;
 				INFOPLIST_FILE = Helper/Info.plist;
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				OTHER_CODE_SIGN_FLAGS = "";
 				OTHER_LDFLAGS = (
@@ -474,7 +474,7 @@
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				CODE_SIGN_STYLE = Manual;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
@@ -483,7 +483,7 @@
 				LD_RUNPATH_SEARCH_PATHS = "$(LD_RUNPATH_SEARCH_PATHS_$(IS_MACCATALYST)) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = "";
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				ONLY_ACTIVE_ARCH = NO;
 				OTHER_CODE_SIGN_FLAGS = "";
 				PRODUCT_BUNDLE_IDENTIFIER = "com.objective-see.blockblock.installer";
@@ -501,7 +501,7 @@
 				CODE_SIGN_IDENTITY = "Developer ID Application";
 				CODE_SIGN_STYLE = Manual;
 				COMBINE_HIDPI_IMAGES = YES;
-				CURRENT_PROJECT_VERSION = 2.1.2;
+				CURRENT_PROJECT_VERSION = 2.1.3;
 				DEVELOPMENT_TEAM = VBG97UB4TA;
 				ENABLE_HARDENED_RUNTIME = YES;
 				FRAMEWORK_SEARCH_PATHS = "$(PROJECT_DIR)/../Carthage/Build/Mac";
@@ -510,7 +510,7 @@
 				LD_RUNPATH_SEARCH_PATHS = "$(LD_RUNPATH_SEARCH_PATHS_$(IS_MACCATALYST)) @executable_path/../Frameworks";
 				LIBRARY_SEARCH_PATHS = "";
 				MACOSX_DEPLOYMENT_TARGET = 10.15;
-				MARKETING_VERSION = 2.1.2;
+				MARKETING_VERSION = 2.1.3;
 				OTHER_CODE_SIGN_FLAGS = "";
 				PRODUCT_BUNDLE_IDENTIFIER = "com.objective-see.blockblock.installer";
 				PRODUCT_NAME = "BlockBlock Installer";

Installer/Source/main.m

@@ -16,6 +16,16 @@
 #import "utilities.h"
 #import "Configure.h"
 
+/* To build:
+ 
+ 1. Comment out Installer's 'Run Script' (no need to copy in app/helper)
+ 2. Build Installer in 'Release Mode'
+ 3. Copy Installer to Application
+ 4. Comment in Installer's 'Run Script'
+ 5. Build Installer in 'Achive Mode'
+ 
+ */
+
 //main interface
 int main(int argc, char *argv[])
 {

Shared/patrons.txt

@@ -2,4 +2,4 @@ Patrons (2^6+):
 Jan Koum, Christian Blümlein, MikeyH
 
 Friends of Objective-See:
-Jamf, Mosyle, Kandji, CleanMyMac X, Kolide, SmugMug, Guardian Mobile Firewall, iVerify, Halo Privacy, uberAgent
+Jamf, Mosyle, Kandji, CleanMyMac X, Kolide, Fleet, SmugMug, Guardian Mobile Firewall, iVerify, Halo Privacy, uberAgent

Shared/utilities.m

@@ -436,42 +436,54 @@ OSStatus verifyApp(NSString* path, NSString* signingAuth)
 
 //given a path to binary
 // parse it back up to find app's bundle
-NSBundle* findAppBundle(NSString* binaryPath)
+NSBundle* findAppBundle(NSString* path)
 {
     //app's bundle
     NSBundle* appBundle = nil;
 
+    //standarized path
+    NSString* standardedPath = nil;
+
     //app's path
     NSString* appPath = nil;
 
+    //standardize path
+    standardedPath = [[path stringByStandardizingPath] stringByResolvingSymlinksInPath];
+
     //first just try full path
-    appPath = [[binaryPath stringByStandardizingPath] stringByResolvingSymlinksInPath];
+    appPath = standardedPath;
 
-    //try to find the app's bundle/info dictionary
+    //try to find the app's bundle
     do
     {
         //try to load app's bundle
         appBundle = [NSBundle bundleWithPath:appPath];
 
+        //was an app passed in?
+        if(YES == [appBundle.bundlePath isEqualToString:standardedPath])
+        {
+            //all done
+            break;
+        }
+
         //check for match
-        // ->binary path's match
+        // binary path's match
         if( (nil != appBundle) &&
-            (YES == [appBundle.executablePath isEqualToString:binaryPath]))
+            (YES == [appBundle.executablePath isEqualToString:standardedPath]))
         {
             //all done
             break;
         }
 
-        //always unset bundle var since it's being returned
-        // ->and at this point, its not a match
+        //unset
         appBundle = nil;
 
         //remove last part
-        // ->will try this next
+        // will try this next
         appPath = [appPath stringByDeletingLastPathComponent];
 
     //scan until we get to root
-    // ->of course, loop will exit if app info dictionary is found/loaded
+    // of course, loop will exit if app info dictionary is found/loaded
     } while( (nil != appPath) &&
              (YES != [appPath isEqualToString:@"/"]) &&
              (YES != [appPath isEqualToString:@""]) );