MozillaWiki

Sandbox/Mac: Difference between revisions

Page Discussion

Sandbox/Mac (view source)

Revision as of 17:54, 11 August 2016

4,769 bytes removed ,  11 August 2016
Link the debugging page
(Created page with "== Using the (trace <filename>) option. == <pre> ~ $ cat test.sb (version 1) (debug all) (trace "trace.sb") (deny default) ~ $ sandbox-exec -f ./test.sb ls /tmp com.apple.lau...")
 
(Link the debugging page)
 
Line 1: Line 1:
== Using the (trace <filename>) option. ==
[[Sandbox/Mac/Debugging]]
<pre>
~ $ cat test.sb
(version 1)
(debug all)
(trace "trace.sb")
(deny default)
~ $ sandbox-exec -f ./test.sb ls /tmp
com.apple.launchd.TxO9Zrlk0Y textmate-501.sock
com.apple.launchd.Wx9IMgekbf wifi-Uy2Oqp.log
~ $ cat trace.sb
(version 1) ; Thu Aug 11 10:46:24 2016
(allow process-exec* (path "/bin/ls"))
(allow process-exec* (path "/bin/ls"))
(allow file-read-metadata (path "/usr/lib/libutil.dylib"))
(allow file-read-metadata (path "/usr/lib/libncurses.5.4.dylib"))
(allow file-read-metadata (path "/usr/lib/libSystem.B.dylib"))
(allow file-read-metadata (path "/usr/lib/libc++.1.dylib"))
(allow file-read-metadata (path "/usr/lib/libc++abi.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libcache.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libcommonCrypto.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libcompiler_rt.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libcopyfile.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libcorecrypto.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libdispatch.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libdyld.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libkeymgr.dylib"))
(allow file-read-metadata (path "/usr/lib/system/liblaunch.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libmacho.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libquarantine.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libremovefile.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_asl.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_blocks.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_c.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_configuration.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_coreservices.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_coretls.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_dnssd.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_info.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_kernel.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_m.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_malloc.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_network.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_networkextension.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_notify.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_platform.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_pthread.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_sandbox.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_secinit.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libsystem_trace.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libunc.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libunwind.dylib"))
(allow file-read-metadata (path "/usr/lib/system/libxpc.dylib"))
(allow file-read-metadata (path "/usr/lib/libobjc.A.dylib"))
(allow file-read-metadata (path "/usr/lib/libauto.dylib"))
(allow file-read-metadata (path "/usr/lib/libDiagnosticMessagesClient.dylib"))
(allow file-read-data (path "/dev/dtracehelper"))
(allow file-write-data (path "/dev/dtracehelper"))
(allow file-ioctl (path "/dev/dtracehelper"))
(allow sysctl-read (sysctl-name "kern.usrstack64"))
(allow file-read-metadata (path "/usr/share/locale/en_US.UTF-8/LC_COLLATE"))
(allow file-read-data (path "/usr/share/locale/la_LN.US-ASCII/LC_COLLATE"))
(allow file-read-metadata (path "/usr/share/locale/en_US.UTF-8/LC_CTYPE"))
(allow file-read-data (path "/usr/share/locale/UTF-8/LC_CTYPE"))
(allow file-read-metadata (path "/usr/share/locale/en_US.UTF-8/LC_MONETARY"))
(allow file-read-data (path "/usr/share/locale/en_US.ISO8859-1/LC_MONETARY"))
(allow file-read-metadata (path "/usr/share/locale/en_US.UTF-8/LC_NUMERIC"))
(allow file-read-data (path "/usr/share/locale/en_US.ISO8859-1/LC_NUMERIC"))
(allow file-read-metadata (path "/usr/share/locale/en_US.UTF-8/LC_TIME"))
(allow file-read-data (path "/usr/share/locale/en_US.ISO8859-1/LC_TIME"))
(allow file-read-metadata (path "/usr/share/locale/en_US.UTF-8/LC_MESSAGES/LC_MESSAGES"))
(allow file-read-data (path "/usr/share/locale/en_US.ISO8859-1/LC_MESSAGES/LC_MESSAGES"))
(allow file-read-metadata (path "/tmp"))
(allow file-read-metadata (path "/private/tmp"))
(allow file-read-data (path "/Users/haftandilian"))
(allow file-read-metadata (path "/tmp"))
(allow file-read-data (path "/private/tmp"))
(allow sysctl-read (sysctl-name "hw.pagesize_compat"))
~ $
</pre>
Haftandilian
202

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1143625"