restricted networking for all sandboxing methods, new seatbelt profiles, updated docs, fixes to sandbox build, debugging through sandbox (#891)

author: Olcan <[email protected]> 2025-06-10 08:58:37 -0700
committer: GitHub <[email protected]> 2025-06-10 08:58:37 -0700
commit: e38d2078cc70b0453ef70523a8ad38279941aca2 (patch)
tree: b5a4024d1c006a2d116631ac7a51bb5b0eaf34a6 /packages/cli/src/utils/sandbox-macos-permissive-open.sb
parent: 895c1f132f9d1cc88bd56584e461fd22a5f23394 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/packages/cli/src/utils/sandbox-macos-permissive-open.sb b/packages/cli/src/utils/sandbox-macos-permissive-open.sb
new file mode 100644
index 00000000..552efcd4
--- /dev/null
+++ b/packages/cli/src/utils/sandbox-macos-permissive-open.sb
@@ -0,0 +1,19 @@
+(version 1)
+
+;; allow everything by default
+(allow default)
+
+;; deny all writes EXCEPT under specific paths
+(deny file-write*)
+(allow file-write*
+    (subpath (param "TARGET_DIR"))
+    (subpath (param "TMP_DIR"))
+    (subpath (param "CACHE_DIR"))
+    (subpath (string-append (param "HOME_DIR") "/.gemini"))
+    (subpath (string-append (param "HOME_DIR") "/.npm"))
+    (subpath (string-append (param "HOME_DIR") "/.cache"))
+    (subpath (string-append (param "HOME_DIR") "/.gitconfig"))
+    (literal "/dev/stdout")
+    (literal "/dev/stderr")
+    (literal "/dev/null")
+)
+\ No newline at end of file
author	Olcan <[email protected]>	2025-06-10 08:58:37 -0700
committer	GitHub <[email protected]>	2025-06-10 08:58:37 -0700
commit	e38d2078cc70b0453ef70523a8ad38279941aca2 (patch)
tree	b5a4024d1c006a2d116631ac7a51bb5b0eaf34a6 /packages/cli/src/utils/sandbox-macos-permissive-open.sb
parent	895c1f132f9d1cc88bd56584e461fd22a5f23394 (diff)