Hi, > There's a buffer somewhere that holds the sandbox definition string, > which contains $prefix a couple of times. I figure that's the one that's > actually overflowing, but I'd have to check.
In your case, I think this was a simple off-by-one, should be fixed in https://trac.macports.org/changeset/124145. > That code should really be rewritten to accept arbitrary sizes – last > time I've hit that I was lazy and just increased the buffer size :/ Taking a look at *that* part of the tracelib code was a good idea, though. Turns out generally allowing access to /usr will also allow access to /usr/local, and I didn't even notice before. Fixed (and deleted the messy code that did it) in https://trac.macports.org/changeset/124146 Also, added /Library/Frameworks to the deny list of the sandbox, since that directory causes some problems. -- Clemens Lang _______________________________________________ macports-dev mailing list [email protected] https://lists.macosforge.org/mailman/listinfo/macports-dev
