git.saurik.com Git - apple/security.git/blame_incremental - keychain/TrustedPeersHelper/com.apple.TrustedPeersHelper.sb

... / ...

Commit	Line	Data
	1	(version 1)
	2
	3	(define (home-subpath home-relative-subpath)
	4	(subpath (string-append (param "HOME") home-relative-subpath)))
	5
	6	(deny default)
	7	(deny file-map-executable iokit-get-properties process-info* nvram*)
	8	(deny dynamic-code-generation)
	9
	10	(deny mach-priv-host-port)
	11	(import "system.sb")
	12	(import "com.apple.corefoundation.sb")
	13	(corefoundation)
	14
	15	(allow distributed-notification-post)
	16
	17	(allow process-info* (target self))
	18	(allow process-info-codesignature)
	19
	20	(allow file-read-metadata)
	21
	22	(allow file-read* file-write*
	23	(home-subpath "/Library/Keychains/"))
	24
	25	(allow mach-lookup
	26	(global-name "com.apple.cloudd")
	27	(global-name "com.apple.apsd")
	28	(global-name "com.apple.securityd.xpc")
	29	(global-name "com.apple.security.sfkeychainserver")
	30	(global-name "com.apple.SecurityServer")
	31	(global-name "com.apple.lsd.mapdb")
	32	)
	33
	34	(allow user-preference-read
	35	(preference-domain "kCFPreferencesAnyApplication")
	36	)
	37
	38	(allow file-read* file-write*
	39	(subpath "/private/var/db/mds/")
	40	(subpath "/Library/Keychains/")
	41	)