Sexprs in Leopard

Bill St. Clair noticed that Mac OS X Leopard's new “sandbox” facility uses Lisp syntax (supposedly it's actually TinyScheme).

/usr/share/sandbox/bsd.sb:

;; ;; common rules for various BSD daemons ;; Copyright (c) 2007 Apple Inc. All Rights reserved. ;; ;; WARNING: The sandbox rules in this file currently constitute ;; Apple System Private Interface and are subject to change at any time and ;; without notice. The contents of this file are also auto-generated and not ;; user editable; it may be overwritten at any time. ;; (version 1) (debug deny) (define (bsd.traverse-symlinks) (allow file-read-metadata)) (define (bsd.dylibs-and-frameworks) (allow file-read-data file-write-data (regex ; Allow files accessed by system dylibs and frameworks #"^/dev/null$" #"^(/private)?/var/run/syslog$" #"^/dev/u?random$" #"^/dev/dtracehelper$" #"/\.CFUserTextEncoding$" #"^(/private)?/etc/localtime$" #"^/usr/share/nls/" #"^/usr/share/zoneinfo/")) (allow file-read-data file-read-metadata (regex ; Allow reading system dylibs and frameworks #"^/usr/lib/.*\.dylib$" #"^/System/")) (allow ipc-posix-shm) ; Libnotify ) (bsd.traverse-symlinks) (bsd.dylibs-and-frameworks)

Update: My pal est of e7 fame has some code in TinyScheme (code he wrote in 1988) and so is now an official part of Mac OS X.

Posted by jjwiseman at October 30, 2007 08:22 AM

