1(version 1) 2(deny default) 3(import "system.sb") 4 5; System is read only 6(allow file-read* 7 (subpath "/var/mobile/Library/Caches")) 8 9(allow mach-register 10 (global-name "com.apple.snhelper")) 11 12(allow iokit-open 13 (iokit-user-client-class "AppleMobileFileIntegrityUserClient")) 14 15(allow ipc-posix-shm 16 (ipc-posix-name "apple.shm.notification_center")) 17 18(allow mach-lookup 19 (global-name "com.apple.system.logger") 20 (global-name "com.apple.system.notification_center")) 21 22(allow sysctl-read) 23