VCVRack
/
Rack
mirror of https://github.com/VCVRack/Rack.git
1
0
Fork 0
Code Issues 0 Releases 38 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
513 Commits
4 Branches
2.0GB
Tree: c26b909c1c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c26b909c1c'
${ noResults }
Rack/Rack.sb

63 lines
1.1KB
Raw Blame History 

  1. 

  2. (version 1)

  3. (debug allow)

  4. 

  5. (define rack-home "RACK_HOME")

  6. 

  7. ; This is needed for IPC on OSX >= 10.6

  8. (allow ipc-posix-shm)

  9. 

  10. ; Allow inbound and outbound connections

  11. (allow network-outbound)

  12. (allow network-inbound)

  13. 

  14. ; Allow reading with sysctl

  15. (allow sysctl-read)

  16. 

  17. ; Allow it to read metadata

  18. (allow file-read-metadata)

  19. 

  20. ; Allow it to run processes and fork

  21. (allow process*)

  22. 

  23. ; Allow it to signal self

  24. (allow signal)

  25. 

  26. (allow iokit-open)

  27. 

  28. (allow mach-lookup)

  29. 

  30. (allow system-socket)

  31. 

  32. (allow file-read* file-write* (subpath (param rack-home)))

  33. 

  34. ; Allow file reading

  35. (allow file-read*

  36.     (regex

  37.         #"^/Applications/Rack.app"

  38.         #"^/Library/*"

  39.         #"^/System/Library/*"

  40.         #"^/usr/*"

  41.         #"^/dev/*"

  42.         #"/Users/jon/Projects/Rack"

  43.         #"/Users/[^.]+/Library/Saved Application State/com.vcvrack.rack.savedState"

  44.     )

  45. )

  46. 

  47. ; Allow write access to a subset of the above

  48. (allow file-write*

  49.     (regex

  50.         #"^/private/var/*"

  51.         #"^/private/tmp/*"

  52.         #"^/var/folders/th/*"

  53.     )

  54. )

  55. 

  56. (allow file-issue-extension

  57.     (regex

  58.         #"^/private/var/*"

  59.     )

  60. )

  61. 

  62. (deny default)