Bitdefender blocking Mac cli commands
Bitdefender is blocking cli commands like /bin/mv and prompting for password. How can I allow permanent access for standard posix commands?
Answers
-
Hello @mark helzer,
Check this article for steps to take:
You need to select Allow from Safe Files.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
1 -
Sorry, Alex, but that doesn't address the original poster's issue. The OP wants to give these CLI commands permanent permission. Many of the commands run from Terminal can only be given 5 minutes of allowed access. After 5 minutes, commands such as /bin/rm are again blocked and only temp access via password can be granted.
For those of us who work at the command line for many hours a day, having to type in our passwords to reuse the same commands over and over is quite annoying. There should be a possibility to permanently allow these commands.
Cheers,
trane
0 -
Hello @608xperience and thanks for joining us here.
I'll share a bit more context regarding the CLI commands.
Permanent access to such a command can be given if the user goes to the Safe Files permissions screen in the GUI ("application access" I think it's called) and presses "+" and navigates manually to the /bin/mv executable path and adds it to the list, and changes its automatic permission from Block to Allow.
A caveat here is that this way, any execution of this program will be allowed, whether it is a /bin/mv executed from the User Terminal, or whether it is a /bin/mv launched as a subprocess by any process in the system, which is why we consider that it is not really advisable to give permanent permission to such processes and therefore this option is not directly offered to the user. Those commands can be "exploited" by rogue apps. Hence the restriction on them.
I hope things are clearer now.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
1 -
Hi, Alex.
That's helpful. I do think that there should be little risk from these commands when executed from an already running shell in a Terminal session. Perhaps more granular protection would be possible, e.g., requiring a password for executable files being run that call the commands. As it is now, I tend to disable Safe Files when compiling large projects because of how such commands tend to be called.
Have a good day.
1