Privilege Management for Mac 5.5 SR1 Release Notes
February 4, 2020
- Improved performance times for Xcode compilation.
- The list of exclusions is now stored and executed at the kernel level, vastly reducing times due to no communication needed between daemons, rules processing, and the kernel.
- The Interrogator now reuses connections to reduce CPU time when a binary is triggered multiple times.
- Privilege Management finder extension can fail to load correctly on installation. This can be enabled manually by the end user or by deployment of a script.
- In the MMC, ?* matches on a single valid character (non-white space) and "*" matches zero or more characters. Combined, they should match anything with more than one character, but also matches on empty strings, which is unexpected.
- Unable to control authorizations from GarageBand updater.
- Unable to control authorization from Xcode that adds users to the _developer group. This can be done via a deployed script or on the endpoint using a command.
- Unable to effectively control authorization prompts triggered via AEWP / Security_AuthTrampoline. AEWP is a deprecated function and should not be used.
Catalina Specific Issues:
- Cannot control auth prompt where Standard User installs apps through the app store. The application will install regardless of user interaction.
- Cannot control auth prompt for Console.app when run as Standard User. Standard Users can still use the CaptureConfig utility for collecting logs for support.
- System Preferences can fail to unlock using Privilege Management for Mac. This has been reported to and accepted by Apple as a bug in macOS.
- Privilege Management Policy Editor 5.5
- Privilege Management ePO Extension 5.5
- Privilege Management Console Adapter 2.4.44323.0
- BeyondInsight Adapter 5.4
If you have a business requirement to downgrade the Mac client, please first uninstall the currently installed version.
Supported Operating Systems:
- macOS 10.15 Catalina
- macOS 10.14 Mojave
- macOS 10.13 High Sierra