Skip to content

Instantly share code, notes, and snippets.

@inC3ASE
Created October 14, 2016 01:44
Show Gist options
  • Save inC3ASE/5aef2dd1994444515667ddf3273f38c6 to your computer and use it in GitHub Desktop.
Save inC3ASE/5aef2dd1994444515667ddf3273f38c6 to your computer and use it in GitHub Desktop.
Sandbox/Profiles/
;; OriginatingProject: files
;;
;; common rules for various BSD daemons
;; Copyright (c) 2007-2011 Apple Inc. All Rights reserved.
;;
;; WARNING: The sandbox rules in this file currently constitute
;; Apple System Private Interface and are subject to change at any time and
;; without notice. The contents of this file are also auto-generated and not
;; user editable; it may be overwritten at any time.
;;
(version 1)
(debug deny)
(import "system.sb")
;; allow processes to traverse symlinks
(allow file-read-metadata)
(allow file-read-data file-write-data
(regex
; Allow files accessed by system dylibs and frameworks
#"/\.CFUserTextEncoding$"
#"^/usr/share/nls/"
#"^/usr/share/zoneinfo/"
))
(allow ipc-posix-shm (ipc-posix-name "apple.shm.notification_center")) ; Libnotify
(allow signal (target self))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment