3 Replies
      Latest reply on Oct 16, 2019 2:58 AM by eskimo
      thomasjannaudpointfr Level 1 Level 1 (0 points)

        hi

        I have a rules file like this

         

        (version 1)
        (deny default)
        ...
        (allow file-write* (regex "/Users/thomas/Desktop"))

         

        When I use it on app A, it works fine (the app can write to the desktop) but when use it on app B, it doesn't work (the app cannot save a file to the desktop). So I made a test app (app C), a simple cocoa app that just writes a dummy string to a file, and it still doesn't work. If I replace (allow file-write* (regex "/Users/thomas/Desktop")) with (allow file-write*) it works on app B and C too, so I know that's the only thing that's wrong.

         

        So I really don't understand what's going on. How can it work for app A but not for B or C? Especially given that:

        • allowing all file-writes works (so I know the regex is the culprit, even though it works for app A (I tested that the app A can save to Desktop but not to other locations)
        • app C is minimal and is not a "blackbox"
        • I tried tons of different variations: literal instead of regex, "^/Users/thomas/Desktop", "^/Users/thomas/Desktop/" , "^/Users/thomas/Desktop/*", ...
        • apps A, B and C are not sandboxed apps if I run them normally (I can check this in the activity monitor)

         

        Thanks in advance for your help!