Make the default impure prefix (not actual allowed impurities!) include all of /System/Library, since we also want PrivateFrameworks from there and (briefly) TextEncodings, and who knows what else. Yay infectious impurities?

This commit is contained in:
Dan Peebles 2015-03-02 23:01:24 -05:00
parent cffa7f80ab
commit 336c4270c6

View file

@ -56,7 +56,7 @@
/* chroot-like behavior from Apple's sandbox */
#if __APPLE__
#define SANDBOX_ENABLED 1
#define DEFAULT_ALLOWED_IMPURE_PREFIXES "/System/Library/Frameworks /usr/lib /dev /bin/sh"
#define DEFAULT_ALLOWED_IMPURE_PREFIXES "/System/Library /usr/lib /dev /bin/sh"
#else
#define SANDBOX_ENABLED 0
#define DEFAULT_ALLOWED_IMPURE_PREFIXES "/bin" "/usr/bin"