202
edits
Haftandilian (talk | contribs) (Glossary) |
Haftandilian (talk | contribs) (Path list) |
||
Line 618: | Line 618: | ||
Allow full reads and writes to appTempDir which (in this example) is "/Users/<USERNAME>/Library/Caches/TemporaryItems/Temp-{62ac76fa-73fd-8f46-bd2b-12c4d53aa1cc}". The directory is reset each time Firefox starts. | Allow full reads and writes to appTempDir which (in this example) is "/Users/<USERNAME>/Library/Caches/TemporaryItems/Temp-{62ac76fa-73fd-8f46-bd2b-12c4d53aa1cc}". The directory is reset each time Firefox starts. | ||
|} | |} | ||
= File Paths in the Rules = | |||
<pre> | |||
On OS X the Firefox profile is (by default) stored in ~/Library/Application Support/Firefox/Profiles | |||
read & write: | |||
All paths except ~/Library and what is specifically allowed in ~/Library | |||
-- This rule makes most other rules redundant, but once it is removed | |||
the other rules with specific inclusions will take effect. | |||
/dev/null | |||
/dev/zero | |||
/dev/dtracehelper | |||
/private/var/folders/[^/][^/][^/]+/[^/]com.apple.IntlDataCache.le | |||
/private/var/folders/[^/][^/][^/]+/[^/]org.chromium.[a-Z0-9]* | |||
~/Library/Caches/TemporaryItems/plugtmp.* | |||
~/Library/Caches/TemporaryItems/Temp-{UUID} | |||
read: | |||
/Library/Filesystems/NetFSPlugins | |||
/System | |||
/private/var/db/dyld | |||
/usr/lib | |||
/usr/share | |||
/Library/Fonts | |||
/Library/Audio/Plug-Ins | |||
/Library/CoreMediaIO/Plug-Ins/DAL | |||
/Library/Spelling | |||
/private/etc/cups/ppd | |||
/private/var/run/cupsd | |||
/Library/Application Support/[^/]+/Extensions/[^/]/ | |||
/private/var/folders/[^/][^/][^/]+/[^/]com.apple.IconServices | |||
/private/var/folders/[^/][^/][^/]+/[^/][^/]+.mozrunner/extensions/[^/]/chrome/[^/]+/content/[^/]+.j(s|ar) | |||
~/Library/Colors | |||
~/Library/Fonts | |||
~/Library/FontCollections | |||
~/Library/Keyboard Layouts | |||
~/Library/Input Methods | |||
~/Library/PDF Services | |||
~/Library/Spelling | |||
~/Library/Application Support/[^/]+/Extensions/[^/]/ | |||
~/Library/Application Support/Firefox/Profiles/[^/]+/extensions/ | |||
~/Library/Application Support/Firefox/Profiles/[^/]+/weave/ | |||
~/Library/Caches/TemporaryItems/* | |||
~/.cups/lpoptions | |||
~/.cups/client.conf | |||
/private/etc/cups/lpoptions | |||
/private/etc/cups/client.conf | |||
/private/etc/cups/ppd/*... | |||
/private/var/run/cupsd | |||
/Library/Printers/[^/]+/PDEs/[^/]+.plugin | |||
/Library/PDF Services/*... | |||
/Applications/Preview.app | |||
~/Library/Preferences/com.apple.ServicesMenu.Services.plist | |||
read literal: | |||
/dev/autofs_nowait | |||
/dev/random | |||
/dev/urandom | |||
/ | |||
/private/tmp | |||
/private/var/tmp | |||
~/.CFUserTextEncoding | |||
~/Library/Preferences/com.apple.DownloadAssessment.plist | |||
~/Library/Preferences/.../...plist | |||
read metadata: | |||
literal /etc | |||
/tmp | |||
/var | |||
/private/etc/localtime | |||
* | |||
/home | |||
/net | |||
/private/var/folders/... | |||
~/Library | |||
</pre> |
edits