summaryrefslogtreecommitdiffstats
path: root/mDNSResponder/mDNSMacOSX/mDNSResponder.sb
diff options
context:
space:
mode:
Diffstat (limited to 'mDNSResponder/mDNSMacOSX/mDNSResponder.sb')
-rw-r--r--mDNSResponder/mDNSMacOSX/mDNSResponder.sb14
1 files changed, 7 insertions, 7 deletions
diff --git a/mDNSResponder/mDNSMacOSX/mDNSResponder.sb b/mDNSResponder/mDNSMacOSX/mDNSResponder.sb
index 5c8eedd7..30747491 100644
--- a/mDNSResponder/mDNSMacOSX/mDNSResponder.sb
+++ b/mDNSResponder/mDNSMacOSX/mDNSResponder.sb
@@ -50,10 +50,12 @@
(global-name "com.apple.CoreServices.coreservicesd")
(global-name "com.apple.coreservices.quarantine-resolver")
(global-name "com.apple.distributed_notifications.2")
+ (global-name "com.apple.distributed_notifications@1v3")
(global-name "com.apple.lsd.mapdb")
(global-name "com.apple.ocspd")
(global-name "com.apple.PowerManagement.control")
(global-name "com.apple.mDNSResponderHelper")
+ (global-name "com.apple.mDNSResponder_Helper")
(global-name "com.apple.SecurityServer")
(global-name "com.apple.SystemConfiguration.configd")
(global-name "com.apple.SystemConfiguration.SCNetworkReachability")
@@ -110,7 +112,11 @@
(literal "/Library/Security/Trust Settings/Admin.plist")
(regex #"^/Library/Preferences/com\.apple\.security\.")
(literal "/Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist")
- (literal "/private/var/preferences/SystemConfiguration/preferences.plist"))
+ (literal "/private/var/preferences/SystemConfiguration/preferences.plist")
+ (subpath "/System/Library/Preferences/Logging")
+ (subpath "/AppleInternal/Library/Preferences/Logging")
+ (subpath "/Library/Preferences/Logging"))
+
; For MAC Address
(allow system-info (info-type "net.link.addr"))
@@ -122,12 +128,6 @@
(deny file-read-data (regex #"^/Library/Keychains/") (with no-log))
(allow file-read-data (literal "/Library/Keychains/System.keychain"))
-; Access to mDNSResponder Managed Preferences profile
-; instead of using (mobile-preferences-read "com.apple.mDNSResponder") we use the lines below for OSX compatibility
-(allow file-read* (literal "/private/var/Managed Preferences/mobile"))
-(allow file-read* (literal "/private/var/Library/Preferences/"))
-(allow file-read* (literal "/Library/Managed Preferences"))
-(allow file-read* (literal "/private/var/Managed Preferences/mobile/com.apple.mDNSResponder.plist"))
; Our Module Directory Services cache
(allow file-read-data
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-06 10:15:01 +0000