dyld3/closured/com.apple.dyld.closured.sb

   1 ;;; Copyright (c) 2017 Apple Inc.  All Rights reserved.
   2 ;;;
   3 ;;; WARNING: The sandbox rules in this file currently constitute
   4 ;;; Apple System Private Interface and are subject to change at any time and
   5 ;;; without notice.
   6 ;;;
   7 (version 1)
   8
   9 (deny default)
  10 (deny file-map-executable iokit-get-properties process-info* nvram*)
  11 (deny dynamic-code-generation)
  12
  13 (import "system.sb")
  14
  15 ;; For reading dylibs
  16 (allow file-read*)
  17
  18 ;; For resolving symlinks, realpath(3), and equivalents.
  19 (allow file-read-metadata)
  20
  21 ;; for logging name of client
  22 (allow process-info-pidinfo)