ClearanceKit

ClearanceKit intercepts every file‑system operation on macOS through Apple’s Endpoint Security framework and evaluates a per‑process policy before the kernel grants access. The policy is based on the cryptographic Team ID and Signing ID of the requesting binary, allowing or denying reads, writes, renames, and opens instantly. It also supports jail rules that restrict a process to specific path prefixes and ancestry checks that require a trusted parent process.

The tool is aimed at users who need to protect sensitive files such as SSH keys, credentials, or other secrets from supply‑chain attacks originating from package managers or other installers. System administrators can deploy policies via MDM profiles, and the native SwiftUI interface provides a live event stream, one‑click policy creation, and visualisation of process trees and throughput.

ClearanceKit is an open‑source, stable utility with no third‑party dependencies, zero network traffic, and a single post‑install script that activates the system extension. Policies are bound to code signatures, making them resistant to spoofing and ensuring they remain effective after software updates.