A pretty “similar” article (in spirit?) I wrote a few years back: https://jmmv.dev/2019/11/macos-sandbox-exec.html
Readers might also be interested in this script wrapper [0], which I believe was inspired by the linked blog post.

[0]: https://github.com/lynaghk/sandboxtron
We actually use this in our CI system to limit write access outside of the build environment’s build folder.

You can see some Julia code that generates the sandbox config rules here: https://github.com/JuliaCI/sandboxed-buildkite-agent/blob/main/common/mac_seatbelt_config.jl#L115
Oh, yeah, sandbox-exec is fun. For the record, the exact Scheme they use is TinyScheme. The whole facility is largely undocumented, but it still somehow manages to be friendlier than seccomp. I remember learning about it in a talk on the Nix macOS effort.

You can “enjoy” the sight of some C++ directly generating Scheme here: https://github.com/NixOS/nix/blob/2.9.2/src/libstore/build/local-derivation-goal.cc#L1915-L1967
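The two comments above both describe the same pattern: program-generate a sandbox-exec profile (the Scheme-like SBPL dialect) that keeps a build from writing anywhere but its own folder. The following is an added example written for this thread; it is not code from the Julia CI repository or from Nix. It assumes a POSIX shell, that the build only needs scratch space under /private/tmp and /private/var/folders (adjust for your toolchain), and that `sandbox-exec -f` is available (it is still shipped with macOS although its man page marks it deprecated).

```shell
#!/bin/sh
# Added example: generate a "write jail" SBPL profile for sandbox-exec.
# SBPL uses last-match-wins semantics, so we allow everything, deny all
# file writes, then re-allow writes only under the build directory and a
# few scratch locations (the scratch paths are an assumption; trim them
# to what your build actually needs).

# Print the profile for the given build directory to stdout.
make_write_jail_profile() {
    build_dir=$1
    cat <<EOF
(version 1)
(allow default)
(deny file-write*)
(allow file-write* (subpath "$build_dir"))
(allow file-write* (subpath "/private/tmp"))
(allow file-write* (subpath "/private/var/folders"))
(allow file-write* (literal "/dev/null"))
EOF
}

# Read a profile on stdin and count its "allow file-write*" rules, so a
# caller can sanity-check the generated policy before trusting it.
count_write_allows() {
    grep -c '^(allow file-write\*'
}

# Run a command inside the jail. The profile is written to a temp file
# because -f takes a profile path (-p takes an inline string instead).
run_in_write_jail() {
    build_dir=$1
    shift
    profile=$(mktemp "${TMPDIR:-/tmp}/seatbelt.XXXXXX") || return 1
    make_write_jail_profile "$build_dir" > "$profile"
    sandbox-exec -f "$profile" "$@"
    status=$?
    rm -f "$profile"
    return $status
}

# Usage (macOS only):
#   run_in_write_jail "$PWD/build" make -j4
```

With this in place a stray `make install` or a test that writes into `$HOME` fails with EPERM instead of touching the host. To discover which paths a build legitimately needs before tightening the allow list, SBPL's `(debug deny)` directive logs each denied operation to the system log; for a stricter jail start from `(deny default)` and add `file-read*`, `process*` and friends explicitly.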