macOS cheatsheet
Flush DNS cache
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
sandbox-exec
$ sandbox-exec -f restrictions.sb CMD ARG1...
$ cat restrictions.sb
(version 1)
(deny default)
(allow process-exec)
(allow sysctl-read)
(allow file-read* (subpath "/"))
- https://igorstechnoclub.com/sandbox-exec/
- To view violations in real-time:
log stream --style compact --predicate 'sender=="Sandbox"'