OSX/trustd/com.apple.trustd.sb

   1 (version 1)
   2
   3 (deny default)
   4
   5 (import "system.sb")
   6
   7 (allow file-read*)
   8
   9 (allow file-read* file-write*
  10        (regex #"^/private/var/db/crls/.*$")
  11        (regex #"^/System/Library/Security/.*$")
  12        (literal "/private/var/db/mds/system/mds.lock"))
  13
  14 (allow mach-lookup
  15        (global-name "com.apple.CoreServices.coreservicesd")
  16        (global-name "com.apple.PowerManagement.control")
  17        (global-name "com.apple.security.agent")
  18        (global-name "com.apple.security.agent.login")
  19        (global-name "com.apple.security.authhost")
  20        (global-name "com.apple.SecurityServer")
  21        (global-name "com.apple.system.opendirectoryd.api")
  22        (global-name "com.apple.ocspd"))
  23
  24 (allow ipc-posix-shm
  25        (ipc-posix-name "apple.shm.notification_center")
  26        (ipc-posix-name "com.apple.AppleDatabaseChanged"))
  27
  28 (allow mach-per-user-lookup)
  29
  30 (allow system-audit system-sched)