summaryrefslogtreecommitdiff
path: root/sysui
diff options
context:
space:
mode:
Diffstat (limited to 'sysui')
-rw-r--r--sysui/desktop/macosx/hardened_runtime.xcent.in23
-rw-r--r--sysui/desktop/macosx/lo.xcent.in28
2 files changed, 51 insertions, 0 deletions
diff --git a/sysui/desktop/macosx/hardened_runtime.xcent.in b/sysui/desktop/macosx/hardened_runtime.xcent.in
new file mode 100644
index 000000000000..74318ba0efe8
--- /dev/null
+++ b/sysui/desktop/macosx/hardened_runtime.xcent.in
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+ <dict>
+ <!-- AppleScript support -->
+ <key>com.apple.security.automation.apple-events</key>
+ <true/>
+ <!-- Needed for our C++/binary UNO bridge runtime machine code generation: -->
+ <key>com.apple.security.cs.allow-jit</key>
+ <true/>
+ <!-- Needed for our C++/binary UNO bridge runtime machine code generation on old macOS that
+ reject mmap MAP_JIT (macOS <= 10.13?); and for in-process JVM: -->
+ <key>com.apple.security.cs.disable-executable-page-protection</key>
+ <true/>
+ <!-- allow use of third-party plugins/frameworks (aka Java) -->
+ <key>com.apple.security.cs.disable-library-validation</key>
+ <true/>
+ <!-- Allow Base to import data from Address Book -->
+ <key>com.apple.security.personal-information.addressbook</key>
+ <true/>
+ @GET_TASK_ALLOW_ENTITLEMENT@
+ </dict>
+</plist>
diff --git a/sysui/desktop/macosx/lo.xcent.in b/sysui/desktop/macosx/lo.xcent.in
new file mode 100644
index 000000000000..09a8df9b6fb5
--- /dev/null
+++ b/sysui/desktop/macosx/lo.xcent.in
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>com.apple.security.app-sandbox</key>
+ <true/>
+ <key>com.apple.security.files.bookmarks.app-scope</key>
+ <true/>
+ <key>com.apple.security.files.bookmarks.document-scope</key>
+ <true/>
+ <key>com.apple.security.files.bookmarks.collection-scope</key>
+ <true/>
+ <key>com.apple.security.files.user-selected.read-write</key>
+ <true/>
+ <key>com.apple.security.network.client</key>
+ <true/>
+ <key>com.apple.security.print</key>
+ <true/>
+ <key>com.apple.security.cs.disable-executable-page-protection</key>
+ <true/>
+ <!-- Allow Base to import data from Address Book -->
+ <key>com.apple.security.personal-information.addressbook</key>
+ <true/>
+@SDREMOTE_ENTITLEMENT@
+@MACOSX_PROVISIONING_INFO@
+@GET_TASK_ALLOW_ENTITLEMENT@
+</dict>
+</plist>
generated by cgit (git 2.34.1) at 2025-01-09 10:32:43 +0000