diff options
| author | Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> | 2023-11-02 10:44:10 +0100 |
|---|---|---|
| committer | Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> | 2023-11-05 12:18:59 +0100 |
| commit | 2486803ee26c10751ff92e46c53cc03ad0a1218d (patch) | |
| tree | 3ad0fc3db0389f87d1acf9ec7a9a18ca6ae17d96 /sysui | |
| parent | cfd7cffb00f9f4ee934006a706184fefc8cb8d9d (diff) | |
move macOS specific entitlements file templates to sysui/desktop/macosx
generated location is kept to not have further changes in existing
scripts using those files.
Change-Id: Ia14864bd6f9c69e2c77d39806e733f50155d12b3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158791
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Diffstat (limited to 'sysui')
| -rw-r--r-- | sysui/desktop/macosx/hardened_runtime.xcent.in | 23 | ||||
| -rw-r--r-- | sysui/desktop/macosx/lo.xcent.in | 28 |
2 files changed, 51 insertions, 0 deletions
diff --git a/sysui/desktop/macosx/hardened_runtime.xcent.in b/sysui/desktop/macosx/hardened_runtime.xcent.in new file mode 100644 index 000000000000..74318ba0efe8 --- /dev/null +++ b/sysui/desktop/macosx/hardened_runtime.xcent.in @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> +<plist version="1.0"> + <dict> + <!-- AppleScript support --> + <key>com.apple.security.automation.apple-events</key> + <true/> + <!-- Needed for our C++/binary UNO bridge runtime machine code generation: --> + <key>com.apple.security.cs.allow-jit</key> + <true/> + <!-- Needed for our C++/binary UNO bridge runtime machine code generation on old macOS that + reject mmap MAP_JIT (macOS <= 10.13?); and for in-process JVM: --> + <key>com.apple.security.cs.disable-executable-page-protection</key> + <true/> + <!-- allow use of third-party plugins/frameworks (aka Java) --> + <key>com.apple.security.cs.disable-library-validation</key> + <true/> + <!-- Allow Base to import data from Address Book --> + <key>com.apple.security.personal-information.addressbook</key> + <true/> + @GET_TASK_ALLOW_ENTITLEMENT@ + </dict> +</plist> diff --git a/sysui/desktop/macosx/lo.xcent.in b/sysui/desktop/macosx/lo.xcent.in new file mode 100644 index 000000000000..09a8df9b6fb5 --- /dev/null +++ b/sysui/desktop/macosx/lo.xcent.in @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> +<plist version="1.0"> +<dict> + <key>com.apple.security.app-sandbox</key> + <true/> + <key>com.apple.security.files.bookmarks.app-scope</key> + <true/> + <key>com.apple.security.files.bookmarks.document-scope</key> + <true/> + <key>com.apple.security.files.bookmarks.collection-scope</key> + <true/> + <key>com.apple.security.files.user-selected.read-write</key> + <true/> + <key>com.apple.security.network.client</key> + <true/> + <key>com.apple.security.print</key> + <true/> + <key>com.apple.security.cs.disable-executable-page-protection</key> + <true/> + <!-- Allow Base to import data from Address Book --> + <key>com.apple.security.personal-information.addressbook</key> + <true/> +@SDREMOTE_ENTITLEMENT@ +@MACOSX_PROVISIONING_INFO@ +@GET_TASK_ALLOW_ENTITLEMENT@ +</dict> +</plist> |