From 8e05e69465e2d34b0a06cea89c73161507c5fab6 Mon Sep 17 00:00:00 2001
From: Thomas Stromberg <t+github@chainguard.dev>
Date: Tue, 13 Sep 2022 21:25:04 -0400
Subject: [PATCH] whitelist more launchd entries

---
 startup/unexpected-launchd-program-arguments.sql | 8 +++++++-
 startup/unexpected-launchd-program.sql           | 3 +++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/startup/unexpected-launchd-program-arguments.sql b/startup/unexpected-launchd-program-arguments.sql
index cdfcd4b..8d2038c 100644
--- a/startup/unexpected-launchd-program-arguments.sql
+++ b/startup/unexpected-launchd-program-arguments.sql
@@ -22,6 +22,7 @@ WHERE (
     AND l.path NOT LIKE "/System/%"
     AND program_authority NOT IN (
         'Developer ID Application: Adobe Inc. (JQ525L2MZD)',
+        'Developer ID Application: Corsair Memory, Inc. (Y93VXCB8Q5)',
         'Developer ID Application: Foxit Corporation (8GN47HTP75)',
         'Developer ID Application: Google LLC (EQHXZ8M8AV)',
         'Developer ID Application: Keybase, Inc. (99229SGT5K)',
@@ -31,10 +32,15 @@ WHERE (
         'Developer ID Application: Mersive Technologies (63B5A5WDNG)',
         'Developer ID Application: Microsoft Corporation (UBF8T346G9)',
         'Developer ID Application: Proton Technologies AG (6UN54H93QT)',
+        'Developer ID Application: Seiko Epson Corporation (TXAEAV5RN4)',
         'Software Signing',
         'yabai-cert'
 
     )
-    AND program_arguments NOT IN ('/opt/homebrew/opt/skhd/bin/skhd')
+    AND program_arguments NOT IN (
+        '/opt/homebrew/opt/skhd/bin/skhd',
+        '/usr/local/MacGPG2/libexec/fixGpgHome'
+    )
     AND program_arguments NOT LIKE '/Users/%/Library/Application Support/com.grammarly.ProjectLlama/Scripts/post-uninstall.sh'
+    AND program_arguments NOT LIKE '/Users/%/homebrew/opt/mysql/bin/mysqld_safe --datadir=/Users/%/homebrew/var/mysql'
 
diff --git a/startup/unexpected-launchd-program.sql b/startup/unexpected-launchd-program.sql
index 07295c9..cefa37f 100644
--- a/startup/unexpected-launchd-program.sql
+++ b/startup/unexpected-launchd-program.sql
@@ -23,4 +23,7 @@ WHERE (
         'Developer ID Application: Microsoft Corporation (UBF8T346G9)',
         'Developer ID Application: Valve Corporation (MXGJJ98X76)',
         'Developer ID Application: Wireshark Foundation, Inc. (7Z6EMTD2C6)'
+    )
+    AND program NOT IN (
+        '/usr/local/MacGPG2/libexec/shutdown-gpg-agent'
     )
\ No newline at end of file