author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2017-11-08 16:16:42 +0100 |
committer | GitHub <noreply@github.com> | 2017-11-08 16:16:42 +0100 |
commit | 513b143cd8fff4d7d931e14fd26306579cb9be31 (patch) | |
tree | 4f5802f905de0392d07e14544ac8a1a2c5ea3ad1 | |
parent | fd10f6f2414521947ca60b9d1508d909f50e9faa (diff) | |
parent | bc6b3f7e8fa46c183e20a9f28a5e0a7a6a19429d (diff) |
Merge pull request #1650 from copumpkin/darwin-sandbox-unix-socket
Always allow builds to use unix domain sockets in Darwin sandbox
-rw-r--r-- | src/libstore/sandbox-defaults.sb | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/libstore/sandbox-defaults.sb b/src/libstore/sandbox-defaults.sb
index c8436d986..f556a26a0 100644
--- a/src/libstore/sandbox-defaults.sb
+++ b/src/libstore/sandbox-defaults.sb
@@ -25,7 +25,14 @@
 (allow mach-lookup (global-name "com.apple.system.opendirectoryd.libinfo"))
 
 ; Access to /tmp.
-(allow file* process-exec (literal "/tmp") (subpath TMPDIR))
+; The network-outbound/network-inbound ones are for unix domain sockets, which
+; we allow access to in TMPDIR (but if we allow them more broadly, you could in
+; theory escape the sandbox)
+(allow file* process-exec network-outbound network-inbound
+       (literal "/tmp") (subpath TMPDIR))
+
+; Always allow unix domain sockets, since they can't hurt purity or security
+
 
 ; Some packages like to read the system version.
 (allow file-read* (literal "/System/Library/CoreServices/SystemVersion.plist"))
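Review bot: The added comment `; Always allow unix domain sockets, since they can't hurt purity or security` is left dangling after the new `allow` form — no rule follows it, and it contradicts the comment a few lines above, which says that permitting unix sockets beyond TMPDIR could in theory escape the sandbox. As written it invites a later maintainer to "finish" it with a broad `(allow network-outbound network-inbound)` rule, which is exactly the widening the earlier comment warns against. Drop the two added lines, or reword the comment to match the rule that was actually merged, e.g. `; Unix domain sockets are only permitted under TMPDIR (see above); do not widen this.` Separately, `(literal "/tmp")` matches only the path /tmp itself, so for the newly added socket operations it is effectively the `(subpath TMPDIR)` filter alone that applies — worth stating in the comment if that is intentional.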