org.openssh.sshd.sb   [plain text]

;; Copyright (c) 2008 Apple Inc.  All Rights reserved.
;;
;; sshd - profile for privilege separated children
;;
;; WARNING: The sandbox rules in this file currently constitute 
;; Apple System Private Interface and are subject to change at any time and
;; without notice.
;;

(version 1)

(deny default)

(allow file-chroot)
(allow file-read-metadata (literal "/var"))

(allow sysctl-read)
(allow mach-per-user-lookup)
(allow mach-lookup
	(global-name "com.apple.system.notification_center")
	(global-name "com.apple.system.logger"))