Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Bitdefender blocking Mac cli commands

Options
mark helzer
mark helzer Mr
edited September 2023 in Protection - Malware/ Firmware etc.

Bitdefender is blocking cli commands like /bin/mv and prompting for password. How can I allow permanent access for standard posix commands?

Answers

  • Alexandru_BD
    Alexandru_BD admin
    Options

    Hello @mark helzer,

    Check this article for steps to take:

    https://www.bitdefender.com/consumer/support/answer/2443/#:~:text=Bitdefender%20Safe%20Files%20guards%20your,for%20Mac%20on%20your%20Macintosh

    You need to select Allow from Safe Files.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • 608xperience
    608xperience
    Options

    Sorry, Alex, but that doesn't address the original poster's issue. The OP wants to give these CLI commands permanent permission. Many of the commands run from Terminal can only be given 5 minutes of allowed access. After 5 minutes, commands such as /bin/rm are again blocked and only temp access via password can be granted.

    For those of us who work at the command line for many hours a day, having to type in our passwords to reuse the same commands over and over is quite annoying. There should be a possibility to permanently allow these commands.

    Cheers,

    trane

    Screen Shot 2024-02-01 at 14.17.37.png
    Screen Shot 2024-02-01 at 14.18.08.png


  • Alexandru_BD
    Alexandru_BD admin
    Options

    Hello @608xperience and thanks for joining us here.

    I'll share a bit more context regarding the CLI commands.

    Permanent access to such a command can be given if the user goes to the Safe Files permissions screen in the GUI ("application access" I think it's called) and presses "+" and navigates manually to the /bin/mv executable path and adds it to the list, and changes its automatic permission from Block to Allow.

    A caveat here is that this way, any execution of this program will be allowed, whether it is a /bin/mv executed from the User Terminal, or whether it is a /bin/mv launched as a subprocess by any process in the system, which is why we consider that it is not really advisable to give permanent permission to such processes and therefore this option is not directly offered to the user. Those commands can be "exploited" by rogue apps. Hence the restriction on them.

    I hope things are clearer now.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • 608xperience
    608xperience
    edited February 3
    Options

    Hi, Alex.

    That's helpful. I do think that there should be little risk from these commands when executed from an already running shell in a Terminal session. Perhaps more granular protection would be possible, e.g., requiring a password for executable files being run that call the commands. As it is now, I tend to disable Safe Files when compiling large projects because of how such commands tend to be called.

    Have a good day.

All Time Leaders

Categories

Defenders of the month