Does the launcher auto-updater also allow for installing extra extensions when you publish an update?
s
seph
04/10/2020, 4:42 PM
Launcher’s update mechanism is explicitly just for launcher and osqueryd.
I’m not sure there’s a straightfoward way to run launcher with additional extensions anyhow. It’s certainly possible, but I don’t think there are obvious hooks. Maybe
j
john
04/10/2020, 9:04 PM
hmm, is that because launcher is designed to only insert itself as an extension via the socket?
s
seph
04/10/2020, 9:05 PM
Launcher is a bit more complicated, but yes. It’s not impossible to launcher other extensions, but it’s not part of launchers’s designed use case, so we didn’t write it
j
john
04/10/2020, 9:05 PM
my goal was to package the fwctl extension from trailofbits so we have a nice way to read windows/linux firewall status as they don’t have an easy table like we have for macos’s alf
s
seph
04/10/2020, 9:29 PM
Dows fwctl add notable read abilities? I thought it was mostly oriented around being a writable interface
j
john
04/11/2020, 12:49 AM
it does indeed mostly describe that new write table stuff but i’m mostly interested in reading the windows firewall status, which it also does (as well as pf, iptables)
but now that you mention it, knowing if it has enabled rules doesn’t mean the firewall itself is running 🤔
s
seph
04/11/2020, 12:52 AM
You often need to look at multiple tables to understand the state of a system
j
john
04/11/2020, 12:53 AM
yeah, so far i’ve looked at processes, services and the registry, but i’ve also seen states where the process is running the firewall service is running and the registry key says it’s enabled, but