From 6c5e9c6f1c4b6d753e7418df1f3e8294995a49d4 Mon Sep 17 00:00:00 2001 From: Richard Feldman Date: Mon, 9 Mar 2026 23:06:47 -0700 Subject: [PATCH] Resolve $TMPDIR on macOS instead of granting broad /var/folders access Replace the blanket /var/folders read-write path with the resolved $TMPDIR environment variable, which points to the per-user, per-session temp directory (e.g. /private/var/folders/xx/xxxx/T/). This prevents the sandbox from granting read-write access to all users' temp files on the system. --- crates/sandbox/src/sandbox.rs | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/crates/sandbox/src/sandbox.rs b/crates/sandbox/src/sandbox.rs index 55ec28cc0594d8fe0b2b92ba2fe57a63e4db5a32..71d07cbf6e58f2d65b75e833f9230ffae99ec453 100644 --- a/crates/sandbox/src/sandbox.rs +++ b/crates/sandbox/src/sandbox.rs @@ -144,12 +144,21 @@ impl ResolvedSystemPaths { #[cfg(target_os = "macos")] fn default_read_write() -> Vec { - vec![ - "/dev".into(), - "/private/tmp".into(), - "/var/folders".into(), - "/private/var/run/mDNSResponder".into(), - ] + let mut paths = vec![ + PathBuf::from("/dev"), + PathBuf::from("/private/tmp"), + PathBuf::from("/private/var/run/mDNSResponder"), + ]; + // Resolve $TMPDIR to the per-user, per-session temp directory + // (e.g. /private/var/folders/xx/xxxx/T/) rather than granting + // broad access to all of /var/folders. + if let Ok(tmpdir) = std::env::var("TMPDIR") { + let tmpdir = PathBuf::from(tmpdir); + if tmpdir.exists() { + paths.push(tmpdir); + } + } + paths } #[cfg(target_os = "linux")]
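Review bot: The new `if let Ok(tmpdir) = std::env::var("TMPDIR")` branch takes the variable at face value, so whoever controls the environment the sandbox policy is built in can point `TMPDIR` at `/`, `$HOME`, a relative path or a symlink to any of those, and the `tmpdir.exists()` check will still admit it as a read-write root — the same kind of over-broad grant this commit sets out to remove. The value is also never canonicalized despite the comment and subject saying "resolve": on macOS `TMPDIR` is normally spelled `/var/folders/...` while `/var` is a symlink into `/private/var`, and the sibling entries (`/private/tmp`, `/private/var/run/mDNSResponder`) suggest the consumer expects the real `/private`-prefixed path, so the rule may silently fail to match what the kernel sees. I would run the value through `std::fs::canonicalize`, require `is_dir()`, and only accept a result under `/private/var/folders`, so a tampered or misconfigured `TMPDIR` can at worst drop the grant rather than widen it; whether the downstream profile also needs the trailing slash stripped I cannot tell from this hunk.
```rust
    let mut paths = vec![
        // … unchanged: /dev, /private/tmp, /private/var/run/mDNSResponder …
    ];
    // Resolve $TMPDIR to its canonical path (/var/folders is a symlink into
    // /private/var/folders) and only admit it when it is a directory under the
    // per-user temp root, so a tampered or misconfigured TMPDIR cannot widen the
    // sandbox beyond the session temp directory.
    if let Ok(tmpdir) = std::env::var("TMPDIR") {
        if let Ok(resolved) = std::fs::canonicalize(&tmpdir) {
            if resolved.is_dir() && resolved.starts_with("/private/var/folders") {
                paths.push(resolved);
            }
        }
    }
    paths
```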