I can't figure out where this policy is defined, and I'd like to know how it's defined because I'm trying to understand why it's imposed and what specifically the restrictions are. Here's a scenario:
[user:~] cd /tmp
[user:/tmp] mkdir -p test.app/Contents/Resources/Base.lproj
[user:/tmp] cd test.app/Contents/Resources
[user:/tmp/test.app/Contents/Resources] touch Base.lproj/test.nib
[user:/tmp/test.app/Contents/Resources] ln Base.lproj/test.nib ./test.nib
ln: ./test.nib: Operation not permitted
At that point, I see this sandbox violation in the system log:
SandboxViolation: ln(24784) System Policy: deny forbidden-link-priv
Violation: System Policy: deny forbidden-link-priv
Process: ln [24784]
Path: /bin/ln
But, I can still produce that scenario if I simply move the item out of the lproj directory, then create the hard link inside of the lproj directory, e.g.:
[user:/tmp/test.app/Contents/Resources] mv Base.lproj/test.nib ./
[user:/tmp/test.app/Contents/Resources] ln ./test.nib Base.lproj/test.nib
[user:/tmp/test.app/Contents/Resources] ls -li . Base.lproj/
.:
39267820 drwxr-xr-x 3 user wheel 102 Mar 1 12:55 Base.lproj
39267821 -rw-r--r-- 2 user wheel 0 Mar 1 12:55 test.nib
Base.lproj/:
39267821 -rw-r--r-- 2 user wheel 0 Mar 1 12:55 test.nib
Now the hard link exists, no complaints from the system. I also don't have any trouble creating these hardlinks if the parent folder hierarchy does not contain ".app", or if neither of the referents' parents is an lproj folder. So the rule seems to be specific to application bundles and lproj folders.
It looks like perhaps macOS doesn't want me to have a hard link between *.lproj resources and items outside of that lproj folder. Is that the case? Why not? (I have some guesses, but I'm hoping for an authoritative answer, or some documentation). Are there other scenarios blocked by this same "forbidden-link-priv" rule?
Incidentally, I don't have any interest in putting hard links such as these in my own applications, my concern arises when I try to copy (preserving hard links) application bundles that exist with these presumably illegal hard links.
Thanks for any insight,
Mike