tvl-depot/third_party/nix/src/libstore/sandbox-network.sb
Vincent Ambo 7994fd1d54 Add 'third_party/nix/' from commit 'be66c7a6b24e3c3c6157fd37b86c7203d14acf10'
git-subtree-dir: third_party/nix
git-subtree-mainline: cf8cd640c1
git-subtree-split: be66c7a6b24e3c3c6157fd37b86c7203d14acf10
2020-05-17 15:52:38 +01:00

16 lines
513 B
Text

; Allow local and remote network traffic.
(allow network* (local ip) (remote ip))
; Allow access to /etc/resolv.conf (which is a symlink to
; /private/var/run/resolv.conf).
(allow file-read-metadata
(literal "/var")
(literal "/etc")
(literal "/etc/resolv.conf")
(literal "/private/etc/resolv.conf"))
(allow file-read*
(literal "/private/var/run/resolv.conf"))
; Allow DNS lookups.
(allow network-outbound (remote unix-socket (path-literal "/private/var/run/mDNSResponder")))