Yeah, I get that. I'm looking to see if there's some way of making /usr/local more of an ENOENT than an EPERM sort of lookup.
On Sep 26, 2012, at 9:12 AM, Clemens Lang <[email protected]> wrote: > On Thu, Sep 27, 2012 at 02:24:44AM +1000, Joshua Root wrote: >> % sandbox-exec -p '(version 1) (allow default) (deny file* (subpath >> "/usr/local") (subpath "/Library/Frameworks"))' gcc test.c >> cc1: error: /usr/local/include: Operation not permitted >> cc1: error: /Library/Frameworks: Operation not permitted > > Ideally, the sandboxing could just pretend /usr/local wasn't there to > begin with? Just denying access unfortunately isn't of any use to us. > > -- > Clemens Lang > > _______________________________________________ > macports-dev mailing list > [email protected] > http://lists.macosforge.org/mailman/listinfo/macports-dev _______________________________________________ macports-dev mailing list [email protected] http://lists.macosforge.org/mailman/listinfo/macports-dev
