; Copyright (C) 2013 Apple Inc. All rights reserved. ; ; Redistribution and use in source and binary forms, with or without ; modification, are permitted provided that the following conditions ; are met: ; 1. Redistributions of source code must retain the above copyright ; notice, this list of conditions and the following disclaimer. ; 2. Redistributions in binary form must reproduce the above copyright ; notice, this list of conditions and the following disclaimer in the ; documentation and/or other materials provided with the distribution. ; ; THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' ; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ; THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ; PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS ; BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ; SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ; CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ; ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF ; THE POSSIBILITY OF SUCH DAMAGE. (allow iokit-open (iokit-user-client-class "IOHIDLibUserClient") (iokit-user-client-class "IOBluetoothHCIUserClient")) (shared-preferences-read "com.microsoft.PlayReady" "com.microsoft.autoupdate2") (shared-preferences-read-write "com.microsoft.silverlight") (allow file-write-create (home-library-literal "/Application Support/Microsoft")) (allow file-read* file-write* ;; Sigh, mode 777 in /Library. (subpath "/Library/Application Support/Microsoft/PlayReady") (home-library-subpath "/Application Support/Microsoft/PlayReady") (home-library-subpath "/Application Support/Microsoft/Silverlight") (home-library-subpath "/Caches/TemporaryItems")) (if (defined? 'semaphore-owner) (allow ipc-posix-sem (semaphore-owner same-sandbox)) (allow ipc-posix-sem (ipc-posix-name "LC_Mutex"))) ;; FIXME: (allow ipc-posix-shm* (ipc-posix-name-regex #"^CoreCLR_")) (allow network-bind (local ip)) (webkit-powerbox) (webkit-printing)