Sandbox/OS X Rule Set: Difference between revisions

Sandbox/OS X Rule Set (view source)

Revision as of 23:22, 28 September 2016

135 bytes removed , 28 September 2016

Cleanup

Haftandilian

202

edits

@@ Line 634: / Line 634: @@
 |-
 ! Blocked at Sandbox Level !! Access Type !! Are Subpaths Included? !! Path
+|-
+| 1 || W || yes || <HOME DIR>
+|-
+| 1 || W || yes || <PROFILE DIR>
+|-
+| 2 || R || yes || <HOME DIR>/Library
+|-
+| 2 || R || yes || <PROFILE DIR>
+|-
+| 3 || R || yes || <PROFILE DIR>/extensions
+|-
+| 3 || R || yes || <PROFILE DIR>/weave
+|-
+| 3 || R || yes || <HOME DIR> and anywhere accessible by user by default
 |-
 | 99 || W || no || /dev/null
@@ Line 661: / Line 675: @@
 | 99 || R || no || ~/Library/Caches/TemporaryItems/Temp-{UUID} (Content Temp Dir)
 |-
-| 1 || W || yes || <HOME DIR> and anywhere accessible by user by default
+| 99 || R || no || /dev/autofs_nowait
 |-
-| 3 || R || yes || <HOME DIR> and anywhere accessible by user by default
+| 99 || R || no || /dev/random
 |-
-| 2 || R || yes || <HOME DIR>/Library
+| 99 || R || no || /dev/urandom
 |-
-| 1 || W || yes || <PROFILE DIR>
+| 99 || R || no || /
 |-
-| 2 || R || yes || <PROFILE DIR>
+| 99 || R || no || /private/tmp
 |-
-| 3 || R || yes || <PROFILE DIR>/extensions
+| 99 || R || no || /private/var/tmp
 |-
-| 3 || R || yes || <PROFILE DIR>/weave
+| 99 || R || no || <HOME DIR>/.CFUserTextEncoding
 |-
-| 99 || read metadata || no || /etc
+| 99 || R || no || <HOME DIR>/Library/Preferences/com.apple.DownloadAssessment.plist
 |-
-| 99  || read metadata || no || /tmp
+| 99 || R || no || <HOME DIR>/Library/Preferences/.../...plist
 |-
-| 99  || read metadata || no || /var
+| 99 || R || yes || <HOME DIR>/Library/Colors
 |-
-| 99  || read metadata || no || /private/etc/localtime
+| 99 || R || yes || <HOME DIR>/Library/Fonts
 |-
-| 99  || read metadata || no || *
+| 99 || R || yes || <HOME DIR>/Library/FontCollections
 |-
-| 99  || read metadata || no || /home
+| 99 || R || yes || <HOME DIR>/Library/Keyboard Layouts
 |-
-| 99  || read metadata || no || /net
+| 99 || R || yes || <HOME DIR>/Library/Input Methods
 |-
-| 99  || read metadata || no || /private/tmp/KSInstallAction.*
+| 99 || R || yes || <HOME DIR>/Library/Spelling
 |-
-| 99 || read metadata || no || /private/var/folders/[^/][^/].*
+| 99 || R || yes || /Library/Filesystems/NetFSPlugins
 |-
-| 99 || read metadata || no || <HOME DIR>/Library
+| 99 || R || yes || /System
 |-
-| 99 || read || no || /dev/autofs_nowait
+| 99 || R || yes || /private/var/db/dyld
 |-
-| 99 || read || no || /dev/random
+| 99 || R || yes || /usr/lib
 |-
-| 99 || read || no || /dev/urandom
+| 99 || R || yes || /usr/share
 |-
-| 99 || read || no || /
+| 99 || R || no || /Library/Preferences/com.apple.HIToolbox.plist
 |-
-| 99 || read || no || /private/tmp
+| 99 || R || no || /Library/Preferences/.GlobalPreferences.plist
 |-
-| 99 || read || no || /private/var/tmp
+| 99 || R || yes || /Library/Fonts
 |-
-| 99 || read || no || <HOME DIR>/.CFUserTextEncoding
+| 99 || R || yes || /Library/Audio/Plug-Ins
 |-
-| 99 || read || no || <HOME DIR>/Library/Preferences/com.apple.DownloadAssessment.plist
+| 99 || R || yes || /Library/CoreMediaIO/Plug-Ins/DAL
 |-
-| 99 || read || no || <HOME DIR>/Library/Preferences/.../...plist
+| 99 || R || yes || /Library/Spelling
 |-
-| 99 || read || yes || <HOME DIR>/Library/Colors
+| 99 || R || yes || <INSTALL DIR>/Firefox.app/Contents/Resources/browser
 |-
-| 99 || read || yes || <HOME DIR>/Library/Fonts
+| 99 || R || no  || <INSTALL DIR>/Firefox.app/Contents/MacOS/plugin-container.app
 |-
-| 99 || read || yes || <HOME DIR>/Library/FontCollections
+| 99 || R || no  || <INSTALL DIR>/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
 |-
-| 99 || read || yes || <HOME DIR>/Library/Keyboard Layouts
+| 99 || R || yes || <HOME DIR>/Library/Application Support/[^/]+/Extensions/[^/]/
 |-
-| 99 || read || yes || <HOME DIR>/Library/Input Methods
+| 99 || R || yes || /Library/Application Support/[^/]+/Extensions/[^/]/
 |-
-| 99 || read || yes || <HOME DIR>/Library/Spelling
+| 99 || R || yes || <HOME DIR>/Library/Caches/TemporaryItems
 |-
-| 99 || read || yes || /Library/Filesystems/NetFSPlugins
+| 99 || read metadata || no || /etc
 |-
-| 99 || read || yes || /System
+| 99  || read metadata || no || /tmp
 |-
-| 99 || read || yes || /private/var/db/dyld
+| 99  || read metadata || no || /var
 |-
-| 99 || read || yes || /usr/lib
+| 99  || read metadata || no || /private/etc/localtime
 |-
-| 99 || read || yes || /usr/share
+| 99  || read metadata || no || *
 |-
-| 99 || read || no || /Library/Preferences/com.apple.HIToolbox.plist
+| 99  || read metadata || no || /home
 |-
-| 99 || read || no || /Library/Preferences/.GlobalPreferences.plist
+| 99  || read metadata || no || /net
 |-
-| 99 || read || yes || /Library/Fonts
+| 99  || read metadata || no || /private/tmp/KSInstallAction.*
 |-
-| 99 || read || yes || /Library/Audio/Plug-Ins
+| 99 || read metadata || no || /private/var/folders/[^/][^/].*
 |-
-| 99 || read || yes || /Library/CoreMediaIO/Plug-Ins/DAL
+| 99 || read metadata || no || <HOME DIR>/Library
-|-
-| 99 || read || yes || /Library/Spelling
-|-
-| 99 || read || yes || <INSTALL DIR>/Firefox.app/Contents/Resources/browser
-|-
-| 99 || read || no  || <INSTALL DIR>/Firefox.app/Contents/MacOS/plugin-container.app
-|-
-| 99 || read || no  || <INSTALL DIR>/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
-|-
-| 99 || read || yes || <HOME DIR>/Library/Application Support/[^/]+/Extensions/[^/]/
-|-
-| 99 || read || yes || /Library/Application Support/[^/]+/Extensions/[^/]/
 |-
-| 99 || read || yes || <HOME DIR>/Library/Caches/TemporaryItems
 |}

Sandbox/OS X Rule Set: Difference between revisions

Sandbox/OS X Rule Set (view source)

Revision as of 23:22, 28 September 2016

Navigation menu

Search