MacOSX Leopard Sandbox (Seatbelt)
While most of the world is amazed by Leopard’s other 315 features, I’m digging through the system looking for more information on the sandbox.
The sandbox is a policy enforcement framework for applications: when enabled and configured, it restricts what a given application can and cannot do. For instance, sshd may accept connections on port 22 but may not create outbound connections to anywhere. One of the best known sandbox frameworks for BSDs and Linux is Systrace, by Niels Provos.
Interestingly enough, there’s now a “/dev/systrace” on MacOSX… It seems that the MacOSX sandbox (named “seatbelt”) is based on Systrace.
So, looking through the system, I found the folder where several policies are kept: /usr/share/sandbox. I’m not quite sure whether all these apps are in fact sandboxed (bsd.sb looks like a generic policy):
$ ls /usr/share/sandbox
bsd.sb named.sb syslogd.sb xgridagentd_task_somebody.sb
krb5kdc.sb ntpd.sb update.sb xgridcontrollerd.sb
mDNSResponder.sb portmap.sb xgridagentd.sb
mdworker.sb quicklookd.sb xgridagentd_task_nobody.sb
The syntax is very accessible, and even though I couldn’t yet find any documentation (besides 3 manpages that explain almost nothing), it looks like Apple did a pretty good job simplifying systrace’s configuration syntax. For example, if we had a simple webserver (/usr/bin/webserver) that only served static pages from /var/www/, a (very) simple policy would be something like this:
(version 1)
(debug deny)
(allow process-exec (regex #"^/usr/bin/webserver$"))
(allow process-fork)
(allow file-read-data file-read-metadata (regex
    #"^/etc"
    #"^/usr/lib/.*\.dylib$"
    #"^/var"
    #"^/private/var/db/dyld/"
    #"^/dev/urandom$"
    #"^/var/www/.*"))
(allow network-accept)
(allow network-inbound (to tcp4 "*:80"))
(deny default)
Saving the file as /tmp/policy, it can be run as:
$ sandbox-exec -f /tmp/policy /usr/bin/webserver
The above example works, except for the allow network-inbound rule: for some reason it doesn’t enforce the port, and the app can bind to any port. Either the implementation is still buggy (from the comments in the policy files, it appears so), or I’m doing something wrong.
Anyway, I hope Apple releases the documentation for the policy configuration, since that would allow developers to also create a profile of their apps, and automagically start sandboxing all the apps. An automated policy generator, or an interactive one (a la systrace), would be even better… :)