Posts

Post marked as solved
Ok, I found a way. If sandbox-exec calls Chrome directly, things break, but calling a wrapper that then calls Chrome is ok:

```
(version 1)
(allow default)
(allow network*)
(deny file* (subpath "/Users/nicolas"))
(allow file-read-metadata (subpath "/Users/nicolas"))
(deny file* (subpath "/Applications"))
(deny file* (subpath "/Users/nicolas/Applications"))
(allow file* (subpath "/Users/nicolas/Library/Application Support"))
(allow process-exec
  (literal "/bin/ps")
  (literal "/path/to/chrome-runner")
  (with no-sandbox)
)
```

The "chrome runner":

```
#!/bin/sh
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome
```

```
$ /usr/bin/sandbox-exec -f ./profile.sb ./chrome-runner
... actually opens Chrome
```

I know this is a little unorthodox, but thanks for your patience Quinn!
Post marked as solved
@eskimo left some comments on your reply but it looks like they disappeared. Thanks for the quick reply. I'm trying to run a nodejs process in a sandbox so that it doesn't have access to the filesystem outside of its directory. The node process needs to spawn Chrome however, which I'm trying to run without the sandbox.

> We don’t support running applications as root.

I'm not trying to run Chrome as root, I just noticed that when I started it with sudo, it worked.

> We don’t document the sandbox programming language for third-party use.

I understand, I was just hoping for pointers. :)