Hi,
I'd like to prevet some sensitive project files from being deleted by unauthorized entities, So i use
kauth_listen_scope
with KAUTH_SCOPE_VNODE
option to add new callback function that prevent other from deleting those files.However, it appears that it's possible to move those files to trash folder from
Finder
since it uses the rename
system call which doesn't goes through vnode authorization, but only fileop event (but these are for detection only).Perhaps anyone have an alternative about what can be done in order to prevent this action ?
thanks