" (remote udp \"*:*\"))\n");
/* Also allow access to Bluetooth, USB, device files, etc. */
- cupsFilePuts(fp, "(allow iokit-open)\n");
+ cupsFilePuts(fp, "(allow iokit*)\n");
cupsFilePuts(fp, "(allow file-write* file-read-data file-read-metadata file-ioctl\n"
" (regex #\"^/dev/\"))\n");
cupsFilePuts(fp, "(allow distributed-notification-post)\n");
" (remote udp \"*:161\"))\n");
cupsFilePuts(fp, "(allow network-inbound\n"
" (local udp \"localhost:*\"))\n");
+ cupsFilePuts(fp, "(deny iokit* (with no-report))\n");
}
cupsFileClose(fp);