Privilege Management for Mac 21.2 Release Notes
April 13, 2021
New Features and Enhancements:
- Allow message types configured for Password or Any authentication now support using Touch ID wherever password authentication for the current user alone Is sufficient.
- Users can now create a reason message (allow or block) with a dropdown. Custom messages can be created in the dropdown.
- Using sudo, users can now create a reason message (allow or block) with a dropdown. Custom messages can be created in the dropdown.
- Implemented a workaround for an issue that caused multiple authentication prompts on systems running Big Sur.
- Added a template to the Policy Editor to control the new Battery preference pane on systems running Big Sur.
You can not match on only the URI as other preference panes allow; the exact file path must be written, including the URI of system.preferences.
- Added functionality to the CaptureConfig.app support tool to capture logs for the BIAdapter and PasswordSafe feature.
- Resolved an issue in which PMfM could cause the Keychain app to crash when changing certificate trust settings.
- Resolved an issue in which authorization requests that came from a process on behalf of another process caused the plugin server to exit prematurely.
- Resolved an issue in which defendpointd would hang when communicating with sudo. PMfM now handles chunked pieces of data better.
- Resolved issue in which the SecurityAgent process occasionally transferred string data without a terminating NULL character, which resulted in some authorization requests not being successfully matched during PMfM rules processing, and log entries looking malformed.
- Resolved issue in which the minimum supported versions were not listed in the relevant PLIST files. The minimum supported version is now displayed correctly as 10.14.
- Resolved issue in which Xcode asked for administrator password for initial installation of simulators (on first start up). The associated rights are now controlled by PMfM via policy.
- Resolved issue in which the Finder extension sometimes crashed when opening a context menu.
- Resolved issue in which users were unable to install bundles which have restrictive ownership, restrictive permissions or both, such as Blender.app. Installed bundles are now owned by root:wheel, and the permissions of their contents are modified appropriately.
- Hardened a daemon against sensitive information disclosure that could lead to privilege escalation.
- Resolved issue in which installable and deletable actions were unable to match using file hash when the bundle was signed.
- Resolved issue that incorrectly set the status flag of a bundle's com.apple.quarantine attribute, preventing the installation of the bundle into the /Applications directory.
- Privilege Management Policy Editor 21.2
- Privilege Management ePO Extension 21.1
- Privilege Management Cloud Adapter 21.2
- Privilege Management Console Adapter 21.2
- BeyondInsight Adapter 21.2
If you have a business requirement to downgrade the Mac client, please first uninstall the currently installed version.
Supported Operating Systems:
- macOS 11.0 Big Sur
- macOS 10.15 Catalina
- macOS 10.14 Mojave