;; THIS IS THE MACOS SANDBOX FILE
;;
;; SBPL (Scheme-dialect) sandbox profile; the file-issue-extension comments
;; below name suggestd as the process it is applied to.  Everything the
;; process may do beyond the imported "system.sb", "com.apple.corefoundation.sb"
;; and "contacts.sb" is spelled out as an (allow ...) form here.
;; NOTE(review): in SBPL a later rule takes precedence over an earlier one that
;; matches the same operation, so keep the order of the forms when editing.
(version 1)

(import "system.sb")
(import "com.apple.corefoundation.sb")
(corefoundation)

;; For Contacts - rdar://147442305
(import "contacts.sb")
(contacts-client (param "_HOME") (param "_TMPDIR"))

;; Helpers that build path filters relative to the sandboxed user's home.
;; "_HOME" and "_TMPDIR" are parameters supplied when the profile is applied.

;; Subpath filter rooted at $HOME: the directory and everything below it.
(define (home-subpath home-relative-subpath)
  (subpath (string-append (param "_HOME") home-relative-subpath)))

;; Literal filter rooted at $HOME: exactly one path.
(define (home-literal home-relative-literal)
  (literal (string-append (param "_HOME") home-relative-literal)))

;; Prefix filter rooted at $HOME: a plain string prefix, so ".../foo" also
;; matches ".../foobar" (the CrashReporter rules below rely on this).
(define (home-prefix home-relative-subpath)
  (prefix (string-append (param "_HOME") home-relative-subpath)))

;; Regex filter anchored at $HOME; regex-quote escapes the home path so regex
;; metacharacters in a user name cannot widen the match.
(define (home-regex home-relative-regex)
  (regex (string-append "^" (regex-quote (param "_HOME")) home-relative-regex)))

;; Read/write locations.
(allow file-read* file-write*
    (home-subpath "/Library/Suggestions")
    (home-subpath "/Library/PersonalizationPortrait")
    (home-subpath "/Library/Logs/PersonalizationPortrait")
    (home-subpath "/Library/Metadata/com.apple.IntelligentSuggestions")
    (home-literal "/Library/SyncedPreferences/com.apple.CoreSuggestions.plist")
    ;; NOTE(review): direct read/write on the user's keychain database file, on
    ;; top of the securityd/SecurityServer mach-lookups further down — confirm
    ;; the file-level grant is still required.
    (home-literal "/Library/Keychains/login.keychain") ;; Security.framework
    (regex #"^/private/var/folders/[^/]+/[^/]+/C/mds/") ;; Security.framework
    (subpath (param "_TMPDIR")) ;; AddressBook lock, SQLite
    ;; mount-relative: applies to .TemporaryItems at the root of every mounted volume
    (mount-relative-regex "^/\\.TemporaryItems(/|$)") ;; NSData atomic write
    (home-subpath "/Library/Calendars") ;; EventKit
    (home-subpath "/Library/Application Support/AddressBook") ;; this needs to be r/w even if we only read:
    (home-subpath "/Library/Caches/com.apple.parsecd/CustomFeedback/") ;; Parsec feedback (Trystero uploads)
    (home-subpath "/Library/Caches/com.apple.proactive.eventtracker") ;; PET 2.0
    (home-subpath "/Library/ResponseKit") ;; Required for Birthday extractions
)

;; Create-only (no read/write) on the Metadata directory itself.
(allow file-write-create
    (home-literal "/Library/Metadata")
)

;; Read-only locations.
(allow file-read*
    (home-subpath "/Library/Trial/NamespaceDescriptors")
    (home-subpath "/Library/Trial/Treatments")
    (literal "/Library/Preferences/.GlobalPreferences.plist") ;; rdar://49540921
    (home-literal "/Library/Preferences/.GlobalPreferences.plist") ;; rdar://49540921
    (home-regex #"/Library/Preferences/ByHost/\.GlobalPreferences\..*\.plist$") ;; rdar://49540921
    (literal "/Library/Keychains/System.keychain") ;; Security.framework
    (literal "/private/var/db/mds/messages/se_SecurityMessages") ;; Security.framework
    (literal "/private/var/db/mds/system/mdsObject.db") ;; Security.framework
    (literal "/private/var/db/mds/system/mdsDirectory.db") ;; Spotlight
    (home-literal "/Library/Application Support/SyncServices/Local/SyncingClients.plist") ;; EventKit
    (literal "/Library/Application Support/CrashReporter/SubmitDiagInfo.domains") ;; MessageTracer
    ;; NOTE(review): subpath covers the whole ~/Library/Mail tree (mailboxes,
    ;; indexes, account data), not only attachments — narrow if possible.
    (home-subpath "/Library/Mail/") ;; Mail attachments
    (home-subpath "/Library/Messages/Attachments/") ;; Messages attachments
    (regex #"^(/private)?/var/folders/[^/]+/[^/]+/[^/]+/com\.apple\.notificationcenter/attachments/.*") ;; Notifications attachments
    (subpath "/private/var/db/datadetectors/sys") ;; Data Detectors sources
)

(allow file-read* file-write*
    (literal "/private/var/db/mds/system/mds.lock") ;; Security.framework
)

;;
(allow file-read* (home-literal "/Library/Preferences/com.apple.LaunchServices/com.apple.launchservices.secure.plist"))

;; Bundle-structure reads.
;; NOTE(review): these regexes are anchored only at the end, so they match a
;; path ending in ".app", "/Contents", "Info.plist", ".lproj" etc. anywhere on
;; any volume, not just inside a given bundle.  "/Info.plist$" also leaves the
;; dot unescaped (compare "InfoPlist\.strings" above), so it matches
;; "Info?plist" for any single character; escaping it as "\.plist" would keep
;; the intended match only.
(allow file-read* (regex #"\.app$"))
(allow file-read* (regex #"\.app/Contents$"))
(allow file-read* (regex #"\.app/Contents/Resources$"))
(allow file-read* (regex #"/InfoPlist\.strings$"))
(allow file-read* (regex #"/Info.plist$"))
(allow file-read* (regex #"\.lproj$"))

;; Mach/XPC services the process may look up.  Each global-name is an
;; allow-list entry; the trailing comments name the client framework or the
;; tracking radar.
;; NOTE(review): the entries from "com.apple.personalization.notificationCategorization"
;; onwards and the last dozen (containermanagerd, launchservicesd, linkd, fpsd,
;; fairplayd ...) carry no justification — document them like the rest so the
;; list can be audited.
(allow mach-lookup
    (global-name "com.apple.awdd") ;; Trystero training sessions and stats (AWD)
    (global-name "com.apple.accountsd.accountmanager") ;; EventKit
    (global-name "com.apple.apsd") ;; SGDCloudKitSync (APNS)
    (global-name "com.apple.CalendarAgent")
    (global-name "com.apple.CalendarAgent.database")
    (global-name "com.apple.CalendarAgent.proxy")
    (global-name "com.apple.ContactsAgent.general")
    (global-name "com.apple.cloudd") ;; SGDCloudKitSync (CloudKit)
    (global-name "com.apple.contacts.donation.agent") ;;
    (global-name "com.apple.coreduetd") ;; HVPowerBudget
    (global-name "com.apple.coreduetd.knowledge") ;; PersonalizationPortrait
    (global-name "com.apple.coreduetd.knowledge.user") ;; PersonalizationPortrait
    (global-name "com.apple.coreduetd.context") ;; HVPowerBudget
    (global-name "com.apple.corerecents.recentsd") ;; for significant pseudo-contacts
    (global-name "com.apple.CoreServices.coreservicesd") ;; apparently needed by -[NSURL getResourceValue:forKey:error:]
    (global-name "com.apple.spotlight.SearchAgent")
    (global-name "com.apple.spotlight.IndexAgent")
    (global-name "com.apple.DiskArbitration.diskarbitrationd") ;; NSData atomic write
    (global-name "com.apple.distributed_notifications@Uv3")
    (global-name "com.apple.financed.service.financestore") ;; FinanceKit
    (global-name "com.apple.kvsd") ;; rdar://56668588
    (global-name "com.apple.locationd.desktop.registration") ;; rdar://52199820
    (global-name "com.apple.locationd.desktop.synchronous") ;; rdar://52199820
    (global-name "com.apple.lsd.mapdb") ;; apparently needed by -[NSURL getResourceValue:forKey:error:]
    (global-name "com.apple.lsd.modifydb") ;; same, see
    (global-name "com.apple.metadata.mds") ;;
    (global-name "com.apple.mobileassetd") ;; SGAsset
    (global-name "com.apple.mobileassetd.v2") ;; SGAsset
    (global-name "com.apple.personalization.notificationCategorization")
    (global-name "com.apple.generativeexperiences.summarization")
    (global-name "com.apple.generativeexperiences.textcomposition")
    (global-name "com.apple.generativeexperiences.classification")
    (global-name "com.apple.reversetemplated")
    (global-name "com.apple.rtcreportingd")
    (global-name "com.apple.securityd.xpc") ;; SecItemCopyMatching
    (global-name "com.apple.SecurityServer") ;; Security.framework
    (global-name "com.apple.suggestd.contacts") ;; So that code in PersonalizationPortraitInternals call back into suggestd
    (global-name "com.apple.syncdefaultsd")
    (global-name "com.apple.system.opendirectoryd.api") ;; AddressBook.framework
    (global-name "com.apple.SystemConfiguration.configd") ;; SGDCloudKitSync (APNS)
    (global-name "com.apple.tccd")
    (global-name "com.apple.windowserver.active") ;; AGDCloudKitSync (APNS)
    (global-name "com.apple.FileCoordination") ;; MailServices for reimport
    (global-name "com.apple.duetactivityscheduler") ;; Duet activityStartedWithParameters:/activityStoppedWithParameters
    (global-name "com.apple.remindd") ;; Reminders found in Apps
    (global-name "com.apple.routined.registration") ;; LocationsOfInterest via CoreRoutine
    (global-name "com.apple.dprivacyd") ;; 55668594
    (global-name "com.apple.dprivacyagentd") ;; 55668594
    (global-name "com.apple.email.maild") ;; 60317475
    (global-name "com.apple.Maps.MapsSync.store") ;; 64176268
    (global-name "com.apple.coreservices.lsuseractivitymanager.xpc") ;; 64170965
    (global-name "com.apple.assistant.backedup") ;; 64170965
    (global-name "com.apple.powerlog.plxpclogger.xpc") ;; 72600155
    (global-name "com.apple.SharedWebCredentials") ;; 74873898
    (global-name "com.apple.ScreenTimeAgent.private") ;; 79992323
    (global-name "com.apple.dmd.emergency-mode") ;; 79992323
    (global-name "com.apple.dmd.policy") ;; 79992323
    (global-name "com.apple.lsd.open") ;; 78400572
    (global-name "com.apple.feedbackd.centralized-feedback") ;; feedbackd
    (global-name "com.apple.donotdisturb.service") ;; DND configurations
    (global-name "com.apple.donotdisturb.service.non-launching")
    (global-name "com.apple.containermanagerd")
    (global-name "com.apple.coreservices.launchservicesd")
    (global-name "com.apple.linkd.registry")
    (global-name "com.apple.linkd.mediator")
    (global-name "com.apple.fpsd")
    (global-name "com.apple.fairplayd")
    (global-name "com.apple.fairplayd.xpc")
)

(allow file-read-metadata (literal "/Library/Caches/com.apple.DiagnosticReporting.HasBeenAppleInternal")) ;; See

;; Preference domains.  Domains listed with user-preference-write are the
;; only ones the process can modify.
;; We can't use shared-preferences-read as it's only defined in application.sb
(allow user-preference-read (preference-domain "com.apple.CloudKit")) ;; 59030369
(allow user-preference-read (preference-domain "com.apple.iCal"))
(allow user-preference-read (preference-domain "com.apple.MobileSMS"))
(allow user-preference-read (preference-domain "com.apple.LanguageModeling"))
(allow user-preference-read user-preference-write (preference-domain "com.apple.suggestions"))
(allow user-preference-read user-preference-write (preference-domain "com.apple.suggestd"))
(allow user-preference-read user-preference-write (preference-domain "com.apple.corespotlightui"))
(allow user-preference-read (preference-domain "com.apple.spotlightui"))
(allow user-preference-read user-preference-write (preference-domain "com.apple.ProactiveHarvesting"))
(allow user-preference-read user-preference-write (preference-domain "com.apple.personalizationportrait.TextUnderstandingObserver"))
(allow user-preference-read user-preference-write (preference-domain "com.apple.suggestions.TextUnderstandingObserver"))
(allow user-preference-read (preference-domain "com.apple.security"))
(allow file-read* (home-literal "/Library/Preferences/com.apple.security.plist"))
(allow file-read* (literal "/Library/Preferences/com.apple.security.plist"))
(allow user-preference-read (preference-domain "com.apple.security.revocation"))
(allow file-read* (home-literal "/Library/Preferences/com.apple.security.revocation.plist"))
(allow file-read* (literal "/Library/Preferences/com.apple.security.revocation.plist"))
(allow file-read* (subpath "/Library/Managed Preferences")) ;;
(allow managed-preference-read (preference-domain "kCFPreferencesAnyApplication")) ;;

;; CrashReporter support
(allow file-read-metadata file-read-xattr (home-subpath "/Library/Logs/CrashReporter"))
;; home-prefix is a string prefix: every entry in that directory whose name
;; starts with "personalization_" or ".personalization_" is read/write.
(allow file-read* file-write*
    (home-prefix "/Library/Logs/CrashReporter/personalization_")
    (home-prefix "/Library/Logs/CrashReporter/.personalization_"))
(allow mach-lookup (global-name "com.apple.CrashReporterSupportHelper"))

;;; Homedir readable paths
(allow file-read* (home-literal "/.CFUserTextEncoding"))

;; NOTE(review): no filter — metadata (stat-style) reads are allowed on every
;; path, so the process can learn whether any file exists; confirm a blanket
;; grant is intended rather than a scoped one.
(allow file-read-metadata)

;;
(allow ipc-posix-shm-read* ipc-posix-shm-write-data
    (ipc-posix-name "com.apple.AppleDatabaseChanged") ;; Security.framework
)
(allow ipc-posix-shm-read-data
    (ipc-posix-name-regex #"^/tmp/com.apple.csseed.[0-9]+$") ;;
)
;; Only the single fsctl command listed is allowed; the HFS hot-file one is
;; commented out.
(allow system-fsctl
    ; (fsctl-command (_IO "h" 47)) ; HFSIOC_SET_HOTFILE_STATE
    (fsctl-command (_IO "z" 23)) ; afpfsByteRangeLock2FSCTL
)

;;
(allow file-read* (home-subpath "/Library/Caches/GeoServices"))
;; SGAsset
;; require-all: the path must match AND the process must hold a
;; "com.apple.assets.read" sandbox extension.
(allow file-read* (require-all (subpath "/Library/Assets") (extension "com.apple.assets.read")))
;; SGAsset
(allow user-preference-read (preference-domain "com.apple.SoftwareUpdate"))
;; GMS availability service
(allow user-preference-read (preference-domain "com.apple.gms.availability"))
;; Mail settings for summarization
(allow file-read* (home-literal "/Library/Group Containers/group.com.apple.mail/Library/Preferences/group.com.apple.mail.plist"))
(allow user-preference-read (preference-domain "group.com.apple.mail"))
;; PersonalizationPortrait rdar://problem/33593450
(allow user-preference-read (preference-domain "com.apple.assistant.support"))
;; PersonalizationPortrait rdar://problem/93386495
(allow user-preference-read (preference-domain "com.apple.assistant.backedup"))
;; PersonalizationPortrait
(allow user-preference-read user-preference-write (preference-domain "com.apple.proactive.PersonalizationPortrait"))

;; Address book
;; Copied and pasted from application.sb,
;; excluding the addressbook lock dir part and everything below it (we don't need it and relies on functions only provided in application.sb)
;; NOTE(review): unfiltered — any distributed notification name may be posted.
(allow distributed-notification-post)
;; The rules inside this with-filter apply only while the process holds the
;; kTCCServiceAddressBook extension (presumably handed out by TCC — confirm).
;; NOTE(review): the AddressBook subpath is already granted read/write
;; unconditionally in the first file-read*/file-write* block above, so the
;; TCC filter here does not actually gate file access to it.
(with-filter (extension "com.apple.tcc.kTCCServiceAddressBook")
    (allow mach-lookup
        (global-name "com.apple.AddressBook.abd")
        (global-name "com.apple.AddressBook.AddressBookApplicationFrameworkIPC")
        (global-name "com.apple.AddressBook.AssistantService")
        (global-name "com.apple.AddressBook.ContactsAccountsService")
        (global-name "com.apple.AddressBook.SourceSync")
        (global-name "com.apple.ContactsAgent.addressbook"))
    (allow user-preference-read user-preference-write (preference-domain "com.apple.AddressBook")) ; (this line modified from application.sb to remove dependency on a function)
    (allow file-read* file-write* (home-subpath "/Library/Application Support/AddressBook")))

;; For reminder model inference
(allow iokit-open
    (iokit-user-client-class "AGXSharedUserClient")
    (iokit-user-client-class "AGXCommandQueue"))
;; For reminder model inference
(allow sysctl-read (sysctl-name "kern.bootsessionuuid"))

;;
(allow mach-lookup (global-name "com.apple.coreduetd.people"))
;; Read the CoreDuet interaction database; only the -shm side file is writable.
(allow file-read*
    (literal "/private/var/db/CoreDuet/People/interactionC.db")
    (literal "/private/var/db/CoreDuet/People/interactionC.db-shm")
    (literal "/private/var/db/CoreDuet/People/interactionC.db-wal"))
(allow file-write* (literal "/private/var/db/CoreDuet/People/interactionC.db-shm"))

;;
;; Necessary to use LaunchServices openURL SPI
(allow mach-lookup (global-name "com.apple.coreservices.quarantine-resolver"))
;; NOTE(review): lsopen is unfiltered; confirm the URLs handed to LaunchServices
;; come only from trusted sources, since this lets other applications be
;; launched on the process's behalf.
(allow lsopen)

;;
;; Like the above radar but for macOS since we control our own .sb.
;; Need outbound network access to query DNS for DKIM.
;; The literal limits this to the local mDNSResponder socket; no other
;; network-outbound rule appears in this file (imports aside), so DNS goes
;; through the system resolver rather than via general outbound access.
(allow network-outbound (literal "/private/var/run/mDNSResponder"))

;; rdar://74712121
(allow user-preference-read (preference-domain "com.apple.SocialLayer"))
;; rdar://75978772
(allow user-preference-read (preference-domain "com.apple.EmojiPreferences"))
;; rdar://74984503
(allow mach-lookup (global-name "com.apple.biomesyncd.sync"))

;; Allow suggestd to issue a sandbox extension token for the topic score cache
;; require-all pins the issued token to the read extension class and to
;; exactly this subtree.
(allow file-issue-extension
    (require-all
        (extension-class "com.apple.app-sandbox.read")
        (home-subpath "/Library/PersonalizationPortrait/Topics/ScoreCache")))
;; Allow suggestd to issue a sandbox extension token for Messages attachments
(allow file-issue-extension
    (require-all
        (extension-class "com.apple.app-sandbox.read")
        (home-subpath "/Library/Messages/Attachments/")))

;; rdar://77462972
(allow user-preference-read (preference-domain "com.apple.TelephonyUtilities"))
;; rdar://77622187
(allow mach-lookup (global-name "com.apple.biome.access.user"))
;; rdar://78032673
(allow mach-lookup (global-name "com.apple.biome.compute.source.user"))
;; rdar://86493288
(allow mach-lookup (global-name "com.apple.contactsd.persistence"))
;; rdar://88386782
;; for AMS cookie storage data vault
(allow mach-lookup (global-name "com.apple.xpc.amsaccountsd"))
;; rdar://104041873 (Call into textunderstandingd from ProactiveHarvesting)
(allow mach-lookup (global-name "com.apple.TextUnderstanding.DocumentUnderstandingHarvesting"))
;; rdar://121621226 (Use INSearchForMessagesIntent for context inflation for 3rd party messaging apps)
(allow mach-lookup (global-name "com.apple.pluginkit.pkd"))
;; rdar://119356341 (Call out to medianalysis for photo captions)
(allow mach-lookup (global-name "com.apple.mediaanalysisd.analysis"))
;; rdar://125594050 ([Presub][Forwarded email][MAC] None of Event not get extracted)
(allow mach-lookup (global-name "com.apple.intelligenceplatform.Knosis"))
;; rdar://145347423 (Call TU2 APIs from Suggestions for Events & Wallet)
(allow mach-lookup (global-name "com.apple.TextUnderstanding.process"))

;; rdar://146785509
;; NOTE(review): only the radar number justifies this group; document which
;; feature needs each user-client class (AppleKeyStoreUserClient in particular
;; looks unrelated to the neural-engine/IOSurface clients it sits with — confirm).
(allow iokit-open-user-client
    (iokit-user-client-class "IOSurfaceRootUserClient")
    (iokit-user-client-class "AppleKeyStoreUserClient")
    (iokit-user-client-class "AppleVirtIONeuralEngineDeviceUserClient")
    (iokit-user-client-class "AppleParavirtDeviceUserClient")
)
;; rdar://146785509
(allow mach-lookup
    (global-name "com.apple.tccd.system")
    (global-name "com.apple.coreduetd.people.user")
)
;; rdar://151648852
(allow user-preference-read (preference-domain "com.apple.SiriViewService"))