From eae21d85e29eeaaacc15034b3d904b7a75dda372 Mon Sep 17 00:00:00 2001 From: Robert Date: Sun, 18 May 2025 17:09:50 -0400 Subject: [PATCH] Added go routine for sendAlert to prevent system crash... --- README.md | 7 +++++++ execguard.go | 30 ++++++++++++++---------------- 2 files changed, 21 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index b2416e6..704c283 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,13 @@ This for educational use ONLY. Not fit for any real world system. Beaware it is possible to lock your self out of your own system with this program, if not used right! Please look at the go code, etc... +## If LOCKED OUT: +Boot into a Linux Live USB disk. Then mount your hard drive, open the folder to etc, right click and open in new Terminal. From the etc folder... change directory to systemd/system. +``` +cd systemd/system/ +mv execguard.service ../opps.backup +reboot +``` ### About execgaurd --init This will initialize the /etc/execguard/allowed.db SQLite3 Database. It is in Leaning mode... All program will run as normal. diff --git a/execguard.go b/execguard.go index bbff0d6..52cecba 100644 --- a/execguard.go +++ b/execguard.go @@ -109,15 +109,17 @@ func main() { runMigration(db) return } - - go func() { - defer func() { - if r := recover(); r != nil { - log.Printf("Recovered from scan panic: %v", r) - } - }() - periodicScan(config.ProtectedDirs, db) - }() + + if config.ScanInterval > 0 { + go func() { + defer func() { + if r := recover(); r != nil { + log.Printf("Recovered from scan panic: %v", r) + } + }() + periodicScan(config.ProtectedDirs, db) + }() + } if err := monitorExecutions(db); err != nil { log.Fatalf("Execution monitoring failed: %v", err) 
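Review bot: When `config.ScanInterval` is zero or negative, the new `if config.ScanInterval > 0 {` in main skips the scan goroutine without writing anything to the log, and the commented-out message that used to sit in periodicScan is removed by this same commit. For an enforcement tool, a disabled control should be visible to the operator; an `else { log.Println("Periodic scanning disabled: ScanInterval <= 0") }` on the new `if` would cover it. The old guard was `== 0` and the new one is `> 0`, so a negative interval changes from scanning to not scanning; if that is intended, it deserves a line in the configuration documentation. main's body starts and ends outside the hunk.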
@@ -298,11 +300,6 @@ func computeHash(path string) string {
 }
 func periodicScan(dirs []string, db *sql.DB) {
- if config.ScanInterval == 0 {
- // log.Println("Periodic scanning is disabled by configuration.")
- return
- }
-
 skipSet := make(map[string]struct{})
 for _, skip := range config.SkipDirs {
 if abs, err := filepath.Abs(skip); err == nil {
@@ -342,7 +339,7 @@ func periodicScan(dirs []string, db *sql.DB) {
 } else if !isAllowed(db, absPath) {
 log.Printf("Found unauthorized executable: %s", absPath)
 os.Chmod(absPath, info.Mode()&^0111)
- sendAlert(fmt.Sprintf("Unauthorized executable found and blocked: %s", absPath))
+ go sendAlert(fmt.Sprintf("Unauthorized executable found and blocked: %s", absPath))
 }
 }
 return nil
@@ -393,7 +390,8 @@ func monitorExecutions(db *sql.DB) error {
 addToAllowed(db, absPath)
 } else if !isAllowed(db, absPath) {
 log.Printf("Blocked execution attempt: %s", absPath)
- sendAlert(fmt.Sprintf("Unauthorized execution attempt blocked: %s", absPath))
+ // To avoid locking up the Whole System...use go function on sendAlert!!!
+ go sendAlert(fmt.Sprintf("Unauthorized execution attempt blocked: %s", absPath))
 resp.Response = unix.FAN_DENY
 }
 }
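Review bot: `go sendAlert(...)` in periodicScan now runs outside the deferred `recover()` that main wraps around the scan goroutine, so a panic inside sendAlert would terminate the whole daemon instead of being logged; the `go sendAlert(...)` added in the monitorExecutions hunk has the same exposure. Each finding or blocked execution also starts its own goroutine with no cap, so if sendAlert stalls (its body is not visible here) a burst of events accumulates goroutines without limit. A single worker fed by a bounded channel, with its own recover and a logged drop when the queue is full, keeps alerting off the event path without either problem. Both enclosing functions start and end outside their hunks.

```go
// alertQueue bounds pending alerts; the size here is a constructed example value.
var alertQueue = make(chan string, 64)

// startAlertWorker drains alertQueue on one goroutine and survives a panicking sendAlert.
func startAlertWorker() {
	go func() {
		for msg := range alertQueue {
			func() {
				defer func() {
					if r := recover(); r != nil {
						log.Printf("Recovered from alert panic: %v", r)
					}
				}()
				sendAlert(msg)
			}()
		}
	}()
}

// queueAlert never blocks the caller; a full queue is logged rather than waited on.
func queueAlert(msg string) {
	select {
	case alertQueue <- msg:
	default:
		log.Printf("Alert queue full, dropping alert: %s", msg)
	}
}

// … unchanged: periodicScan walk up to the unauthorized-executable branch …
queueAlert(fmt.Sprintf("Unauthorized executable found and blocked: %s", absPath))
// … monitorExecutions gets the same one-line substitution …
```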
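Review bot: The comment added above `go sendAlert(...)` in monitorExecutions says what was done but not what it protects. In the visible lines the call sits just before `resp.Response = unix.FAN_DENY`, so a slow sendAlert would hold up the deny decision for the waiting process; I would reword it to `// sendAlert can block; run it asynchronously so the FAN_DENY response below is not delayed.` The function body continues outside the hunk, so where the response is actually written is not visible here.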