Sandbox prevent localhost listening on MacOS

[maiste]

The MacOS sandbox seems to prevent opening a connection on localhost. On the CI MacOS worker, the localhost:port binding raised:

Unix.Unix_error(Unix.EPERM, "bind", "")

@kit-ty-kate executed a command to test it and it also failed:

% ~/.opam/opam-init/hooks/sandbox.sh build nc -l 8000
nc: Operation not permitted

Would there be a way to tweak sandbox-exec to support it?

[kit-ty-kate]

It looks like a hard problem to fix sadly :/
sandbox-exec does not seem to support creating a new network namespace like bubblewrap --unshare-net can.
The best that can be done is:

(allow network* (local ip "localhost:*"))

but this would allow possible outside attackers to connect to the macOS machine remotely (I tested it) and maybe even highjacking some of the already open ports (not tested)

[maiste]

Spending some time looking at it this weekend; here is what I've found.

• This issue has already been discussed in the past: Sandboxing on MacOS is too strict #3659.
• They have had the same issue in bazel as they wanted to allow local bindings, too(block-network not working as expected in darwin-sandbox bazelbuild/bazel#10068). Their solution seems to be:

  (deny network*)
  (allow network-inbound (local ip "localhost:*"))
  (allow network* (remote ip "localhost:*"))