From 8dc8c1a9b520dc418a677c66d1c4cb7c23831334 Mon Sep 17 00:00:00 2001 From: Charlie Fenton Date: Sun, 6 Nov 2022 22:41:46 -0800 Subject: [PATCH] Mac: Add new security access restrictions profile for project graphics. Update screensaver options UI file for Xcode 14. --- clientscr/res/BOINCSaver.xib | 6 +++--- clientscr/res/mac_restrict_access.sb | 8 ++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 clientscr/res/mac_restrict_access.sb diff --git a/clientscr/res/BOINCSaver.xib b/clientscr/res/BOINCSaver.xib index 5286b9392f..aa6a7c55ea 100644 --- a/clientscr/res/BOINCSaver.xib +++ b/clientscr/res/BOINCSaver.xib @@ -1,8 +1,8 @@ - + - - + + diff --git a/clientscr/res/mac_restrict_access.sb b/clientscr/res/mac_restrict_access.sb new file mode 100644 index 0000000000..39798b0a8d --- /dev/null +++ b/clientscr/res/mac_restrict_access.sb @@ -0,0 +1,8 @@ +(version 1) +(allow default) +(deny file-read* (subpath "/Users") (subpath "/Volumes") (subpath "/private") (subpath "/etc") (subpath "/cores") (subpath "/opt") (subpath "/dev") (subpath "/var")) +(deny file-write* (subpath "/Users") (subpath "/Volumes") (subpath "/private") (subpath "/etc") (subpath "/cores") (subpath "/opt") (subpath "/dev") (subpath "/var")) +(deny file-read* (subpath "/Library/Application Support") ) +(deny file-write* (subpath "/Library/Application Support") ) +(allow file-write* (subpath "/Library/Application Support/BOINC Data") (subpath "/private/tmp") ) +(allow file-read* (subpath "/Library/Application Support/BOINC Data") (subpath "/private/tmp") )