1(version 1) 2 3(deny default) 4 5(import "system.sb") 6 7(allow file-ioctl 8 (literal "/dev/auditsessions")) 9 10(allow file-read*) 11 12(allow file-read* file-write* 13 (regex #"^/private/var/db/auth\.db.*$") 14 (literal "/private/var/db/mds/system/mds.lock")) 15 16(allow mach-lookup 17 (global-name "com.apple.CoreServices.coreservicesd") 18 (global-name "com.apple.PowerManagement.control") 19 (global-name "com.apple.security.agentMain") 20 (global-name "com.apple.security.agentStub") 21 (global-name "com.apple.security.authhost") 22 (global-name "com.apple.SecurityServer") 23 (global-name "com.apple.system.opendirectoryd.api") 24 (global-name "com.apple.ocspd")) 25 26(allow ipc-posix-shm 27 (ipc-posix-name "apple.shm.notification_center") 28 (ipc-posix-name "com.apple.AppleDatabaseChanged")) 29 30(allow mach-per-user-lookup) 31 32(allow system-audit system-sched) 33