Changeset 98679


Ignore:
Timestamp:
Oct 12, 2012, 11:15:53 PM (12 years ago)
Author:
jmr@…
Message:

add /var/folders to sandbox

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/base/src/port1.0/portsandbox.tcl

    r98281 r98679  
    7070
    7171    set portsandbox_profile "(version 1) (allow default) (deny file-write*) \
    72 (allow file-write-data (literal \"/dev/null\")) (allow file-write* (regex #\"^(/private)?(/var)?/tmp/\"))"
     72(allow file-write-data (literal \"/dev/null\")) (allow file-write* (regex #\"^(/private)?(/var)?/tmp/\" \
     73#\"^(/private)?/var/folders/\"))"
     74
    7375    foreach dir $allow_dirs {
    74         append portsandbox_profile " (allow file-write* "
     76        append portsandbox_profile " (allow file-write* ("
    7577        if {${os.major} > 9} {
    76             append portsandbox_profile "(subpath \"${dir}\")"
     78            append portsandbox_profile "subpath \"${dir}\"))"
    7779        } else {
    78             append portsandbox_profile "(regex #\"^${dir}/\")"
     80            append portsandbox_profile "regex #\"^${dir}/\"))"
    7981        }
    80         append portsandbox_profile ")"
    8182    }
    8283}
Note: See TracChangeset for help on using the changeset viewer.