MrSphay/MrTrust
1
0
Fork 0
generated from MrSphay/codex-agent-repository-kit
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity
Files
d3234e03b82dc4e8ecfb2c70e0784f6b518493f4
MrTrust/docs/security-model.md
MrSphay b58b6358f4
Some checks failed
Build MrTrust / build-windows (push) Has been cancelled
Details
Add MrTrust GUI and Gitea release build
2026-05-15 23:47:10 +02:00

1.2 KiB
Raw Blame History

MrTrust Security Model

MrTrust is a trust bootstrapper, not a security bypass.

Allowed Behavior

  • Import a public MrSphay certificate into Windows certificate stores after explicit user approval.
  • Sign MrSphay build artifacts with a private code-signing certificate kept outside git.
  • Provide an uninstall script that removes the same certificate again.

Disallowed Behavior

  • Disabling Microsoft Defender.
  • Disabling SmartScreen.
  • Silently modifying certificate stores.
  • Installing private keys on user machines.
  • Hiding certificate installation inside unrelated app actions.
  • Shipping .pfx files or signing passwords in a repository or release.

Recommended Stores

For normal users:

Cert:\CurrentUser\Root
Cert:\CurrentUser\TrustedPublisher

For managed PCs or all-user installs:

Cert:\LocalMachine\Root
Cert:\LocalMachine\TrustedPublisher

The LocalMachine stores require administrator approval.

Residual Windows Warnings

Even after MrTrust is installed, Windows can still block suspicious software. SmartScreen reputation, Defender detections, enterprise security policy, and downloaded-file mark-of-the-web behavior are separate from Authenticode trust.

Reference in New Issue View Git Blame Copy Permalink