X-Git-Url: https://git.saurik.com/apple/ipsec.git/blobdiff_plain/64c59980f82beb1accdfb0d8567e51b97b9c7857..d9c572c0d1634988834f2a68361f92bc7242cce4:/racoon.sb

diff --git a/racoon.sb b/racoon.sb
index 8aefd9c..ec52313 100644
--- a/racoon.sb
+++ b/racoon.sb
@@ -23,7 +23,9 @@
     (subpath "/Library/Managed\ Preferences")
     (subpath "/Library/Preferences")
     (subpath "/private/var/root")
-    (literal "/private/var/db/mds/messages/se_SecurityMessages"))
+    (literal "/private/var/mobile/Library/Caches/com.apple.MobileGestalt.plist")
+    (literal "/private/var/db/mds/messages/se_SecurityMessages")
+    (literal "/private/var/db/icu"))
 
 (allow file-write*
     (literal "/private/var/run/racoon.sock")
@@ -50,7 +52,16 @@
 (allow mach-lookup
     (global-name "com.apple.SecurityServer")
     (global-name "com.apple.SystemConfiguration.configd")
-    (global-name "com.apple.ocspd"))
+    (global-name "com.apple.ocspd")
+    (global-name "com.apple.commcenter.xpc")
+    (global-name "com.apple.aggregated")
+    (global-name "com.apple.cfprefsd.daemon")
+    (global-name "com.apple.cfprefsd.agent")
+    (local-name "com.apple.cfprefsd.agent")
+    (global-name "com.apple.nehelper"))
+	
+(allow ipc-posix-shm-read*
+    (ipc-posix-name-regex #"^apple\.shm\.cfprefsd\."))
 
 ;;;;;; Common system sandbox rules
 ;;;;;;