[99892] trunk/base/src/port1.0/portsandbox.tcl

jmr at macports.org jmr at macports.org
Tue Nov 20 19:18:04 PST 2012


Revision: 99892
          https://trac.macports.org/changeset/99892
Author:   jmr at macports.org
Date:     2012-11-20 19:18:04 -0800 (Tue, 20 Nov 2012)
Log Message:
-----------
some more safe sandbox exceptions

Modified Paths:
--------------
    trunk/base/src/port1.0/portsandbox.tcl

Modified: trunk/base/src/port1.0/portsandbox.tcl
===================================================================
--- trunk/base/src/port1.0/portsandbox.tcl	2012-11-21 03:13:21 UTC (rev 99891)
+++ trunk/base/src/port1.0/portsandbox.tcl	2012-11-21 03:18:04 UTC (rev 99892)
@@ -83,8 +83,10 @@
     }
 
     set portsandbox_profile "(version 1) (allow default) (deny file-write*) \
-(allow file-write-data (literal \"/dev/null\")) (allow file-write* (regex #\"^(/private)?(/var)?/tmp/\" \
-#\"^(/private)?/var/folders/\"))"
+(allow file-write-data (literal \"/dev/null\") (literal \"/dev/dtracehelper\") \
+(literal \"/dev/tty\") (literal \"/dev/stdin\") (literal \"/dev/stdout\") \
+(literal \"/dev/stderr\") (regex #\"^/dev/fd/\")) (allow file-write* \
+(regex #\"^(/private)?(/var)?/tmp/\" #\"^(/private)?/var/folders/\"))"
 
     foreach dir $allow_dirs {
         append portsandbox_profile " (allow file-write* ("
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20121120/51851afd/attachment.html>


More information about the macports-changes mailing list