Security improvements:
- Force Kill (SIGKILL) now always requires confirmation - removed "Don't ask
again" option for this destructive operation
- Added protection for critical system processes (kernel_task, launchd,
WindowServer, loginwindow) - UI prevents force-killing these
- Terminate (SIGTERM) retains the "Don't ask again" option as it's a gentler
operation that allows processes to save data
UX improvements:
- Clear error message when attempting to force-kill protected processes
- ConfirmationSheet now supports optional "Don't ask again" toggle via
nullable skipPreferenceKey parameter
This prevents accidental system crashes from force-killing critical processes
while maintaining power-user convenience for regular termination.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Defensive coding improvements to mitigate "kernel as messenger" attack vector
where a local malicious process could craft extreme process names/paths:
- fetchProcessName: Create string from explicit length instead of relying
on null terminator. Protects against edge cases where path buffer might
not be null-terminated at exactly maxPathSize.
- BSD name extraction: Copy to safe buffer with guaranteed null termination
before converting to String. Protects against pbi_name being exactly
MAXCOMLEN bytes without null terminator.
- fetchBasicProcessInfo: Same safe pattern for p_comm field extraction.
- Strip control characters and whitespace from process names to prevent
display/injection issues from maliciously crafted names.
Security: Addresses potential buffer over-read in unsafe Swift pointer
operations when parsing attacker-influenced kernel data structures.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Security improvements:
- Validate process still exists before sending signals
- Verify process start time matches to detect PID reuse
- Add ProcessControlError enum with descriptive error messages
- Show error alerts when operations fail (permission denied, process not found, PID reused)
- Pass expectedStartTime to all process control operations
This prevents accidentally terminating the wrong process when a PID
gets reused between user selection and confirmation.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add cpuUsageTotal property to ProcessItem (100% = all cores)
- Keep cpuUsage as per-core percentage (100% = 1 core)
- Display both columns: CPU/Core and CPU/Total
- CPU/Total values now sum to match the total system CPU
This clarifies the difference between per-core and system-wide CPU
measurements that was causing confusion.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Major performance improvements to reduce CPU usage from 25-30% to ~0.5%:
- Move all data fetching to dedicated background queue
- Prime CPU and process monitors at startup with 1-second delay for accurate delta calculation
- Implement smart refresh cycles: processes fetched every other cycle after initial warmup
- Add lightweight refresh that skips expensive calls for idle processes (CPU < 0.1%)
- Increase refresh interval from 2s to 3s
- Add caching for processes with no icons to avoid repeated lookups
- Use sysctl fallback to get correct user ownership for system processes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
A native SwiftUI app for monitoring macOS system resources:
- Processes tab with sorting, filtering, and process control
- Apps tab for running applications
- Performance tab with CPU, memory, and network charts
- Power & Storage tab with system info, GPU, storage, and network
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
