diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..b845e8d0
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+FROM debian:bullseye
+
+RUN set -xe; \
+ apt-get -yqq update; \
+ apt-get install -y python2.7 python3 python3-pip; \
+ pip3 install lief;
+
+COPY helpers /sandblaster/helpers/
+COPY reverse-sandbox /sandblaster/reverse-sandbox
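Review bot: The `pip3 install lief;` step in the RUN block is unpinned, so each build pulls whatever release PyPI serves that day and the binary-parsing dependency can change with no commit in this repository; pin it (ideally with hashes), e.g. `pip3 install --no-cache-dir 'lief==<PINNED_VERSION>'`. The image also has no `USER` instruction, so the copied `helpers` and `reverse-sandbox` tools run as root. Since this commit's tests feed them a binary `sandbox.kext`, they presumably parse binary input that may not be trusted, and creating an unprivileged account and ending the file with `USER sandblaster` would limit what a parser bug can reach. Separately, the `apt-get install -y` line could take `--no-install-recommends` and finish with `rm -rf /var/lib/apt/lists/*` in the same layer, and it is worth confirming that `python2.7` is still required, given that it no longer receives upstream security fixes.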
diff --git a/tests/iPhone5__1_9.3_13E237/inputs/sandbox.kext b/tests/iPhone5__1_9.3_13E237/inputs/sandbox.kext
new file mode 100644
index 00000000..fb07cbea
Binary files /dev/null and b/tests/iPhone5__1_9.3_13E237/inputs/sandbox.kext differ
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AGXCompilerService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AGXCompilerService.sb
new file mode 100644
index 00000000..f69fc1d1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AGXCompilerService.sb
@@ -0,0 +1,386 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper"))
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Logs/OpenGL")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Logs/OpenGL")
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^stack-logs")
+ (ipc-posix-name-regex #"^OA-")
+ (ipc-posix-name-regex #"^/FSM-"))
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name "apple.shm.notification_center")
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]"))
+(allow ipc-posix-shm-write-data
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-register
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (literal "/private/var/run/syslog")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal
+ (target self))
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-sched
+ (require-entitlement "com.apple.private.kernel.override-cpumon"))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AGXCompilerService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AGXCompilerService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AGXCompilerService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AdSheet.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AdSheet.sb
new file mode 100644
index 00000000..5637d932
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AdSheet.sb
@@ -0,0 +1,1508 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.mediaserverd.read")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (literal-prefix "${HOME}/Library/SpringBoard"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Photos")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Debug")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Memories")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (extension-class "com.apple.mediaserverd.read")))
+(allow file-link
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/AddressBook"))
+ (require-any
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-entitlement "platform-application"))))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdSheetPad.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileSMS.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/SpringBoard")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/URLCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb-shm")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdSheetPhone.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.adtracking.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AdSheetPhone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdLib.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iad.LocationPermissions")
+ (literal-prefix "${HOME}/Library/Cookies")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iad.adlibd")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AdSheetPad")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.reminders.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath "/Developer")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iad")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.springboard.sharedimagecache/Wallpaper")
+ (require-all
+ (regex #"^/private/var/mobile/Library/SpringBoard/Lock.+" #"^/private/var/mobile/Library/SpringBoard/.+Lock.+" #"^/private/var/mobile/Library/SpringBoard/Home.+" #"^/private/var/mobile/Library/SpringBoard/.+Home.+" #"^/private/var/euser[0-9]+/Library/SpringBoard/((.*Lock|Home)|.+Home).+")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (subpath "/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/network-constraints.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${HOME}/Library/Cookies")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPad/$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPad/.+$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPhone/(?|.+)$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetP(ad|hone)/(?|.+)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (subpath "/System/Library/Carrier Bundles"))
+ (require-not (subpath-prefix "${HOME}/Library/Carrier Bundles"))
+ (require-any
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]AdSheet(Pad|Phone).plist")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (subpath "/Library/Ringtones")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebKit.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPad-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPhone-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]AdSheetP(ad|hone)-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]AdSheetPad[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]AdSheetPad-.+[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]AdSheetPhone-.*[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]AdSheetP(ad|hone)-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPad[.]savedState/" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPhone[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]AdSheetP(ad|hone)[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPad[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPad[.]settings/" #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPhone[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPhone[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]AdSheetP(ad|hone)[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]AdSheetP(ad|hone)[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE)))))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-read-metadata
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/ISURLBag")
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Media")
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")
+ (literal "/private/var/run/syslog")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library")
+ (literal "/private/var/run/printd")
+ (literal-prefix "${HOME}/Library/Caches/Snapshots")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}/Library/Saved Application State")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Mobile Documents")
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPad[.]savedState" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPhone[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]AdSheetP(ad|hone)[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/ISURLBag")))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPad[.]savedState" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPhone[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]AdSheetP(ad|hone)[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-read-xattr
+ (literal-prefix "${HOME}/Library/Caches"))
+(allow file-write*
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/URLCache")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb-journal")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdSheetPad.plist")
+ (literal-prefix "${HOME}/Library/SpringBoard")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb-shm")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AdSheetPhone")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdSheetPhone.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iad.LocationPermissions")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iad.adlibd")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AdSheetPad")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iad")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdLib.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.reminders.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/kCFPreferencesAnyApplication.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.springboard.sharedimagecache/Wallpaper")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SpringBoard/Lock.+" #"^/private/var/mobile/Library/SpringBoard/.+Lock.+" #"^/private/var/mobile/Library/SpringBoard/Home.+" #"^/private/var/mobile/Library/SpringBoard/.+Home.+" #"^/private/var/euser[0-9]+/Library/SpringBoard/((.*Lock|Home)|.+Home).+")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]AdSheet(Pad|Phone).plist")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/network-constraints.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPad-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPhone-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]AdSheetP(ad|hone)-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPad[.]savedState/" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPhone[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]AdSheetP(ad|hone)[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/Databases"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetPhone$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AdSheetP(ad|hone)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPad$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPad/$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPad/.+$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetPhone/(?|.+)$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]AdSheetP(ad|hone)/(?|.+)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPad[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPad[.]settings/" #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPhone[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]AdSheetPhone[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]AdSheetP(ad|hone)[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]AdSheetP(ad|hone)[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Cookies")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/ISURLBag")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPad[.]savedState" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]AdSheetPhone[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]AdSheetP(ad|hone)[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage"))))))))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.iAd.cookiedb")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage/StorageTracker.db")
+ (literal "/dev/aes_0")
+ (literal-prefix "${HOME}/Library/WebKit/Databases/Databases.db")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name-regex #"^Apple MIDI in [0-9]+$" #"^Apple MIDI out [0-9]+$")
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]")
+ (ipc-posix-name "apple.shm.notification_center"))
+(allow ipc-posix-shm-write-data
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name-regex #"^Apple MIDI in [0-9]+$" #"^Apple MIDI out [0-9]+$"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.chatkit.clientcomposeserver.xpc")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.medialibraryd.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.coreduetd.batterysaver")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.mobilemail")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.iTunesStore.daemon.deatchwatch")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.marco")
+ (global-name "ScripterServer")
+ (global-name "com.apple.iTunesStore.daemon-notifications")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "PurplePPTServer")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.iTunesStore.daemon")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.coremedia.audiodeviceclock")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilemail.services.xpc")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.uikit.GestureServer")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.passd.assertions")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name-regex #"^com[.]apple[.]iad[.]")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.WebBookmarks.webbookmarksd")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.NPKCompanionAgent.library")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.mobile.deleted")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.TextInput.rdt")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.gmmd.cookie")
+ (global-name "com.apple.accountsd.oauthsigner")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.mobilemail.messageuiservices")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.twitterd.server")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.imagent.embedded.auth")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.eventpump")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.ait.client")
+ (global-name "com.apple.ondemandd.client")
+ (global-name "com.apple.voiceservices.keepalive")
+ (global-name "com.apple.cvmsServ")
+ (local-name "com.apple.iphone.axserver")
+ (global-name "com.apple.cache_delete")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.dataaccess.dataaccessd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.safarifetcherd")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.assistant.settings")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.companion.camera")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.passd.in-app-payment")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.webfilterd")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.dataaccess.dataaccessd.active")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.vibrationmanagerd")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.passd.library")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.assertiond.extension")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.coremedia.cameraviewfinder")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callstatecontroller")
+ (global-name "com.apple.imagent.Embedded.Launched")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-register
+ (local-name "com.apple.accessibility.gax.client")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (local-name "com.apple.iphone.axserver")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (remote tcp "*:*")
+ (literal "/private/var/run/printd")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.adtracking")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.MobileSMS")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.reminders")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.AdSheetPad")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.AdSheetPhone")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.WebKit")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.reminders")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.AdSheetPad")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.AdSheetPhone")
+ (preference-domain "com.apple.mediaaccessibility.public"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-fsctl
+ (fsctl-command (_IO "h" 31))
+ (fsctl-command (_IO "h" 32)))
+(allow system-info
+ (info-type "net.link.addr"))
+(allow system-privilege)
+(allow system-socket
+ (socket-domain AF_ROUTE)
+ (require-all
+ (socket-domain AF_SYSTEM)
+ (socket-protocol 2)))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AdSheet.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AdSheet.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AdSheet.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AirTraffic.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AirTraffic.sb
new file mode 100644
index 00000000..cab1d102
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AirTraffic.sb
@@ -0,0 +1,135 @@
+(version 1)
+(allow default)
+(deny file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/[.]com[.]apple[.]")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/[.]com[.]apple[.]")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/[.]com[.]apple[.]"))))
+(deny file-mount)
+(deny file-mount-update)
+(deny file-read*
+ (regex #"^/private/var/containers/Data/System/[^/]+/[.]com[.]apple[.]")
+ (require-all
+ (require-not (subpath "/Developer"))
+ (require-not (extension "com.apple.security.exception.files.absolute-path.read-write"))
+ (require-not (extension "com.apple.security.exception.files.home-relative-path.read-write"))
+ (require-not (extension "com.apple.security.exception.files.absolute-path.read-only"))
+ (require-not (extension "com.apple.security.exception.files.home-relative-path.read-only"))
+ (require-not (extension "com.apple.sandbox.executable"))
+ (require-not (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist"))
+ (require-not (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$"))
+ (require-not (subpath "/System/Library"))
+ (require-not (subpath "/usr/lib"))
+ (require-not (subpath "/usr/share"))
+ (require-not (subpath "/private/var/db/timezone"))
+ (require-any
+ (literal "/private/etc/master.passwd")
+ (literal "/private/var")
+ (literal "/private/var/root")
+ (require-all
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist"))
+ (require-not (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$"))
+ (require-not (regex #"^/private/var/mobile" #"^/private/var/euser[0-9]+"))
+ (require-not (subpath "/private/var/tmp"))
+ (require-not (literal "/private/var/preferences/com.apple.security.plist"))
+ (require-not (literal "/private/var/preferences/com.apple.NetworkStatistics.plist"))
+ (require-not (literal "/private/var/preferences/com.apple.networkd.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist"))
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (require-not (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library"))
+ (require-not (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo"))
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist"))
+ (require-not (literal "/dev/ptmx"))
+ (require-not (literal "/dev/aes_0"))
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-not (literal "/dev/dtracehelper"))
+ (require-not (literal "/dev/null"))
+ (require-not (literal "/dev/zero"))
+ (require-any
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/[.]com[.]apple[.]"))
+ (require-entitlement "com.apple.security.system-group-containers")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/[.]com[.]apple[.]")))))))))
+(deny file-unmount)
+(deny file-write*
+ (regex #"^/private/var/containers/Data/System/[^/]+/[.]com[.]apple[.]")
+ (require-all
+ (require-not (extension "com.apple.security.exception.files.absolute-path.read-write"))
+ (require-not (extension "com.apple.security.exception.files.home-relative-path.read-write"))
+ (require-any
+ (literal "/private/etc/master.passwd")
+ (literal "/private/var")
+ (literal "/private/var/root")
+ (require-all
+ (require-not (regex #"^/private/var/mobile" #"^/private/var/euser[0-9]+"))
+ (require-not (subpath "/private/var/tmp"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal"))
+ (require-any
+ (require-not (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal"))
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-not (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/[.]com[.]apple[.]")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/[.]com[.]apple[.]"))))))))
+(deny file-write-create
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+(deny file-write-data
+ (require-all
+ (require-not (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb"))
+ (require-not (literal "/dev/ptmx"))
+ (require-not (literal "/dev/aes_0"))
+ (require-any
+ (literal "/dev/random")
+ (literal "/dev/urandom"))))
+(deny job-creation)
+(deny network-outbound
+ (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
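Review bot: This reference profile pins output that looks like decompiler artifacts rather than real policy, so a regression test against it will lock those artifacts in and a reader may mistake the file for the real AirTraffic policy. In `deny file-read*` the innermost group `(require-any (require-not (vnode-type BLOCK-DEVICE)) (require-not (vnode-type CHARACTER-DEVICE)))` holds for every vnode, since a vnode has a single type; the original filter was presumably "neither block nor character device". In `deny file-issue-extension` the `system-group` `require-any` lists the same `SystemGroup` regex twice, interleaved with the two entitlements, which suggests two entitlement-plus-regex pairs were flattened into one list. Assuming the harness compares these files verbatim (it is not visible here), the caveat belongs in a short note beside the references rather than in the `.sb` file, for example `References are snapshots of the tool's current output, not verified policy; known artifacts include duplicated clauses and always-true require-any groups.`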
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AirTraffic.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AirTraffic.sb.xml
new file mode 100644
index 00000000..04fe0dbd
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/AirTraffic.sb.xml
@@ -0,0 +1,24 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BTServer.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BTServer.sb
new file mode 100644
index 00000000..2af0a633
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BTServer.sb
@@ -0,0 +1,654 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/uart.log")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper"))
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sandbox.pty")
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link
+ (require-not (subpath-prefix "${HOME}/Library/AddressBook")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.BTServer.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (subpath "/private/var/wireless/Library/Logs/awd")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.debug.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.services.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.devices.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Bluetooth")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.ledevices.plist")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db-wal")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (subpath "/Developer")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db-shm")
+ (literal "/private/var/wireless/Library/CallHistory")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath-prefix "${HOME}/Library/MobileBluetooth")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.BTServer.airplane.plist")
+ (literal "/dev/uart.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/Library/Application Support/BTServer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.TelephonyUtilities.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (extension "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/dev/aes_0")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-data
+ (literal "/dev/btwake")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (subpath "/System")
+ (literal "/usr/sbin/BTServer")
+ (literal "/usr/sbin")
+ (literal "/private/var/preferences/SystemConfiguration/preferences.plist"))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/wireless")
+ (literal "/usr/sbin/BTServer")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/usr/sbin")
+ (literal "/private/var")
+ (literal "/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/wireless/Library")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/Library/Application Support/BTServer/pincode_defaults.db-journal")
+ (subpath-prefix "${HOME}/Library/MobileBluetooth")
+ (literal "/Library/Application Support/BTServer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.devices.plist")
+ (literal "/Library/Application Support/BTServer/pincode_defaults.db-shm")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db-journal")
+ (literal "/Library/Application Support/BTServer/pincode_defaults.db-wal")
+ (subpath-prefix "${HOME}/Library/Logs/Bluetooth")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.BTServer.plist")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/hci")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db-wal")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/private/var/wireless/Library/CallHistory")
+ (subpath "/private/var/wireless/Library/Logs/awd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.services.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.debug.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileBluetooth.ledevices.plist")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db-shm")
+ (literal "/Library/Application Support/BTServer/pincode_defaults.db")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.BTServer.airplane.plist")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/Library/Application Support/BTServer"))
+ (require-all
+ (extension "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/wireless/Library/CallHistory")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/uart.log")
+ (literal "/Library/Application Support/BTServer/pincode_defaults.db")
+ (literal "/private/var/wireless/Library/CallHistory/call_history.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "AppleBasebandUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "IOHIDResourceDeviceUserClient")
+ (iokit-user-client-class "IOUserEthernetResourceUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^stack-logs")
+ (ipc-posix-name-regex #"^OA-")
+ (ipc-posix-name "shm_notif.tacl.R")
+ (ipc-posix-name "shm_pcm_audio_sco_write")
+ (ipc-posix-name-regex #"^..:..:..:..:..:..-tacl$")
+ (ipc-posix-name "shm_notif.tacl.W")
+ (ipc-posix-name "shm_notif.tsco.R")
+ (ipc-posix-name "shm_pcm_audio_sco_read")
+ (ipc-posix-name "shm_notif.tsco.W")
+ (ipc-posix-name-regex #"^/FSM-")
+ (ipc-posix-name "com.apple.BTServer.magnet.shm"))
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name "apple.shm.notification_center")
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]"))
+(allow ipc-posix-shm-write-data
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.BlueTool")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.mobileactivationd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.BTServer.avrcp")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.BTServer.map")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.MobileInternetSharing")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.BTAudioHALPlugin.xpc")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.WirelessCoexManager")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.carkit.service")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.imagent.embedded.auth")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.BTServer.le")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.BTServer.pbap")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callstatecontroller")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound)
+(allow network-bind)
+(allow network-outbound
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.icloud.findmydeviced")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.MobileBluetooth.debug")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.MobileBluetooth.ledevices")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.TelephonyUtilities")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.BTServer.airplane")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.BTServer")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.MobileBluetooth.devices")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.MobileBluetooth.services")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.BTServer.airplane")
+ (preference-domain "com.apple.MobileBluetooth.devices")
+ (preference-domain "com.apple.MobileBluetooth.ledevices")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.BTServer")
+ (preference-domain "com.apple.MobileBluetooth.debug")
+ (preference-domain "com.apple.MobileBluetooth.services"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BTServer.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BTServer.sb.xml
new file mode 100644
index 00000000..ab808c0e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BTServer.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BlueTool.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BlueTool.sb
new file mode 100644
index 00000000..bdae9659
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BlueTool.sb
@@ -0,0 +1,399 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal "/dev/ptmx")
+ (literal "/usr/sbin")
+ (regex #"^/dev/bt$" #"^/dev/bt.+$")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/etc/bluetool")
+ (subpath "/AppleInternal")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-data
+ (literal "/dev/btreset")
+ (literal "/dev/btwake"))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/dev/bt$" #"^/dev/bt.+$")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "AppleBasebandUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
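Review bot: The `require-all` under `file-read*` that lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` can never match as written, because a vnode has a single type. The `/private/etc/passwd`, `/private/etc/hosts` and CoreDuet filters nested under it are therefore unreachable on a literal reading, and the same pair appears in this file's `file-write*` rule and in the `file-write*` rule of BTServer.sb. This looks like a reconstruction artefact of the decompiler (possibly a dropped negation) rather than the shipped policy. The `require-any` blocks that list entitlement, regex, entitlement, regex flat look like the same kind of artefact: read literally, the path regex alone satisfies them, which overstates the grant. Since these files are pinned as test references, I would record that next to the fixtures, for example a README line such as `rev_profiles/*.sb are decompiler output pinned for regression, not a verified policy; the BLOCK-DEVICE/CHARACTER-DEVICE pairs and flat require-any lists are known artefacts`, so nobody audits BlueTool or BTServer from these files as if they were ground truth.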
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BlueTool.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BlueTool.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/BlueTool.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CFNetworkAgent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CFNetworkAgent.sb
new file mode 100644
index 00000000..c93080c3
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CFNetworkAgent.sb
@@ -0,0 +1,173 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
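Review bot: The `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) ...)` filters in this reference, under `file-read*` and again under `file-write*`, can never match because a vnode cannot be both types at once, so the expected output appears to record a decompilation error. CommCenter.sb in the same commit renders the equivalent `file-read*` rule as `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, which suggests the negation is being dropped here; the same pattern appears in CVMServer.sb. Because these files are the test oracle, a later fix to negation handling would fail the test while the current output passes, and anyone reading the reversed profile to audit the policy would misjudge what the rule permits. I would regenerate the references once that is resolved, or record the known discrepancy in the test documentation.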
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CFNetworkAgent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CFNetworkAgent.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CFNetworkAgent.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CVMServer.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CVMServer.sb
new file mode 100644
index 00000000..9b1f6ff2
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CVMServer.sb
@@ -0,0 +1,235 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/usr/bin/codesign_allocate")
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.app-sandbox.read-write")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name-regex #"^com[.]apple[.]cvmsCompAgent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-exec*
+ (subpath "/System/Library/Frameworks/OpenGLES.framework")
+ (subpath "/usr/bin/codesign_allocate"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CVMServer.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CVMServer.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CVMServer.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CommCenter.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CommCenter.sb
new file mode 100644
index 00000000..5131a445
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CommCenter.sb
@@ -0,0 +1,436 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (subpath "/private/var/wireless")
+ (regex #"^/dev/dlci[.]spi-baseband[.]")
+ (regex #"^/dev/bbcdc[.]")
+ (literal "/dev/uart.debug.log")
+ (literal "/dev/uart.umts")
+ (literal "/dev/cu.debug")
+ (literal "/dev/ptmx")
+ (literal "/dev/uart.debug")
+ (literal "/dev/mux.log")
+ (literal "/dev/mux.spi-baseband")
+ (literal "/dev/uart.log")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/aes_0"))
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath "/private/var/wireless/Library/Caches/com.apple.coretelephony")
+ (extension-class "com.apple.nsurlstorage.extension-cache"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath "/private/var/wireless/Library/Caches/CommCenterClassic")
+ (extension-class "com.apple.nsurlstorage.extension-cache"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileSMS.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/logs/WirelessLibraryLogs")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/LASD")
+ (regex #"^/dev/bbcdc[.]")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.commcenter.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/dev/mux.spi-baseband")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/dev/dlci[.]spi-baseband[.]")
+ (literal "/dev/uart.debug")
+ (literal-prefix "${FRONT_USER_HOME}/Library/SyncedPreferences/com.apple.coretelephony.plist")
+ (literal "/dev/ptmx")
+ (literal "/dev/cu.debug")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.apsalerts.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.operator.plist")
+ (literal "/dev/uart.debug.log")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.tethering_override.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videoconference_override.plist")
+ (regex #"^/private/var/tmp/CSI[.]scratch")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal "/private/var/preferences/AeneasCustomFlags.plist")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal "/dev/uart.umts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cellulardataplan.plist")
+ (literal "/dev/mux.log")
+ (literal "/dev/uart.log")
+ (literal "/dev/dtracehelper")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Carrier Bundles")
+ (literal "/dev")
+ (literal "/dev/random")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iqagent.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/CommCenter" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/CommCenter" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/CommCenter")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/CallHistory/call_history[.]db$" #"^/private/var/mobile/Library/Voicemail/voicemail[.]db$" #"^/private/var/euser[0-9]+/Library/(CallHistory/call_history|Voicemail/voicemail)[.]db$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]coretelephony" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]coretelephony" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]coretelephony")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-not (regex #"^/private/var/mobile" #"^/private/var/euser[0-9]+"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/preferences/SystemConfiguration/preferences.plist-lock")
+ (literal "/private/var/CommCenter/spool/loading")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/uart.log")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (subpath "/private/var/logs/WirelessLibraryLogs")
+ (literal "/dev/mux.log")
+ (regex #"^/dev/bbcdc[.]")
+ (regex #"^/private/var/logs/CoreTelephonyTrace$" #"^/private/var/logs/CoreTelephonyTrace/log-bb-$" #"^/private/var/logs/CoreTelephonyTrace/log-bb-.+$")
+ (literal "/dev/cu.debug")
+ (regex #"^/private/var/tmp/CSI[.]scratch")
+ (literal "/private/var/logs/CoreTelephonyTraceScratch")
+ (regex #"^/private/var/preferences/csidata$" #"^/private/var/preferences/csidata[.]tmp$")
+ (literal "/private/var/logs/log-bb-live-stats.txt")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal "/private/var/preferences/AeneasCustomFlags.plist")
+ (literal "/dev/mux.spi-baseband")
+ (literal "/dev/uart.umts")
+ (literal "/dev/uart.debug.log")
+ (regex #"^/dev/dlci[.]spi-baseband[.]")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath "/private/var/wireless")
+ (literal "/dev/uart.debug")
+ (regex #"^/private/var/preferences/SystemConfiguration/OSThermalStatus[.]plist$" #"^/private/var/preferences/SystemConfiguration/OSThermalStatus[.]plist-lock$" #"^/private/var/preferences/SystemConfiguration/OSThermalStatus[.]plist-new$")
+ (subpath "/private/var/tmp")
+ (regex #"^/private/var/logs/CrashReporter/Baseband/log-bb-$" #"^/private/var/logs/CrashReporter/Baseband/log-bb-.+$")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/LASD")
+ (require-all
+ (regex #"^/private/var/mobile/Library/CallHistory/call_history[.]db$" #"^/private/var/mobile/Library/Voicemail/voicemail[.]db$" #"^/private/var/euser[0-9]+/Library/(CallHistory/call_history|Voicemail/voicemail)[.]db$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/CommCenter" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/CommCenter" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/CommCenter")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]coretelephony" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]coretelephony" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]coretelephony")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.commcenter.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-owner
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.commcenter.plist"))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow mach-register
+ (global-name "com.apple.CommCenter.lasd")
+ (global-name-regex #"^com[.]apple[.]CoreTelephony[.]LogChannel[.]$" #"^com[.]apple[.]CoreTelephony[.]LogChannel[.][-0-9A-F]+$")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound
+ (local ip "*:*")
+ (require-all
+ (socket-domain AF_SYSTEM)
+ (socket-protocol 1)))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.apsalerts")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.MobileSMS")
+ (preference-domain "com.apple.iqagent")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.operator")
+ (preference-domain "com.apple.tethering_override")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.videoconference_override")
+ (preference-domain "com.apple.commcenter")
+ (preference-domain "com.apple.cellulardataplan")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket
+ (socket-domain AF_ROUTE)
+ (require-all
+ (socket-domain AF_SYSTEM)
+ (socket-protocol 2))
+ (require-all
+ (socket-domain AF_SYSTEM)
+ (socket-protocol 1)))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CommCenter.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CommCenter.sb.xml
new file mode 100644
index 00000000..f81f602e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/CommCenter.sb.xml
@@ -0,0 +1,44 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/DataActivation.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/DataActivation.sb
new file mode 100644
index 00000000..377d218a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/DataActivation.sb
@@ -0,0 +1,860 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.WebAppCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Photos")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Debug")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Memories")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/WebClips")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-link
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-entitlement "platform-application"))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtube.dp.plist")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal-prefix "${HOME}/Library/Preferences/.dat")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/Library/Dictionaries")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.WebAppCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebKit.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath "/AppleInternal/Library/Safari")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itdbprep.postprocess.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${HOME}/Library/Caches/Snapshots/com.apple.webapp-")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataActivation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilecal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (subpath-prefix "${HOME}/Library/Caches/Safari")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]DataActivation.plist")
+ (subpath "/Applications/DataActivation.app")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilesafari.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/Snapshots/com.apple.webapp")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/Developer")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (subpath "/Library/Ringtones")
+ (subpath-prefix "${HOME}/Library/Safari")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (subpath "/Applications/MobileSafari.app")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (subpath "/usr/share")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.mobilegestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (extension "com.apple.app-sandbox.read")
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]DataActivation[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]DataActivation[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]DataActivation[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]DataActivation[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]DataActivation-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]DataActivation-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]DataActivation[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]DataActivation-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]DataActivation-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]DataActivation[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]DataActivation[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilemail.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.OTASyncAgent.plist"))
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata)
+(allow file-read-xattr
+ (literal-prefix "${HOME}/Library/Caches"))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Safari")
+ (literal-prefix "${HOME}/Library/Caches/Snapshots/com.apple.webapp-")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilesafari.plist")
+ (literal-prefix "${HOME}/Library/Preferences/.dat")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itdbprep.postprocess.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtube.dp.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.WebAppCache")
+ (subpath-prefix "${HOME}/Library/Caches/Safari")
+ (subpath "/private/var/tmp/MediaCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataActivation.plist")
+ (subpath-prefix "${HOME}/Library/Caches/Snapshots/com.apple.webapp")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]DataActivation.plist")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-not (literal-prefix "${HOME}/Library/Mail/AutoFetchEnabled"))
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]DataActivation-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]DataActivation-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]DataActivation[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]DataActivation[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]DataActivation[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]DataActivation[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]DataActivation[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]DataActivation[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]DataActivation$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging")))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]DataActivation[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]DataActivation[.]savedState")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/asl_input")
+ (remote tcp "*:*")
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (literal "/private/var/run/printd")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.DataActivation")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.mobilesafari")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.youtube.dp")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.WebKit")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.mobilecal")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Preferences")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.DataActivation")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.youtube.dp")
+ (preference-domain "com.apple.mobilesafari")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.mediaaccessibility.public"))
+(allow process-exec*
+ (literal "/Applications/MobileSafari.app/MobileSafari")
+ (literal "/Applications/DataActivation.app/DataActivation"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/DataActivation.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/DataActivation.sb.xml
new file mode 100644
index 00000000..31b4e67c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/DataActivation.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/EscrowSecurityAlert.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/EscrowSecurityAlert.sb
new file mode 100644
index 00000000..2e35458f
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/EscrowSecurityAlert.sb
@@ -0,0 +1,238 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudServices")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudServices")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/EscrowSecurityAlert.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/EscrowSecurityAlert.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/EscrowSecurityAlert.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSCredentialsAgent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSCredentialsAgent.sb
new file mode 100644
index 00000000..973cfd18
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSCredentialsAgent.sb
@@ -0,0 +1,305 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.IDSCredentialsAgent.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.IDSCredentialsAgent.plist")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote tcp "*:*")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.ids.IDSCredentialsAgent")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.ids.IDSCredentialsAgent"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
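Review bot: The `require-all` in `file-read*` that pairs `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` cannot be satisfied by any single vnode, so as written the `/private/etc/hosts`, `/private/etc/passwd` and CoreDuet entries nested under it are never allowed. The same pair appears in `file-write*` in this file and in the AGXCompilerService.sb and IDSRemoteURLConnectionAgent.sb references. This looks like a negation lost during reversing rather than real policy, since the file does emit `require-not` elsewhere (e.g. for `/dev/random`); if the compiled profile confirms that, the reference should read `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`. Likewise, the `require-any` blocks under `com.apple.sandbox.system-group` list `require-entitlement` and `regex` as siblings, which makes the entitlement check irrelevant as written and may be a flattened `require-all` pair. Because these files become the expected output and will also be read as the effective policy, I would record both patterns as known discrepancies next to the fixtures until the output is confirmed.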
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSCredentialsAgent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSCredentialsAgent.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSCredentialsAgent.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSRemoteURLConnectionAgent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSRemoteURLConnectionAgent.sb
new file mode 100644
index 00000000..237fc874
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSRemoteURLConnectionAgent.sb
@@ -0,0 +1,495 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.bag.plist")
+ (literal "/dev/random")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.idsfoundation.IDSRemoteURLConnectionAgent.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/private/var")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.idsfoundation.IDSRemoteURLConnectionAgent.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.bag.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]idsfoundation[.]IDSRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.idsremoteurlconnectionagent.embedded.auth")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.idsfoundation.IDSRemoteURLConnectionAgent")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.facetime.bag")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.imessage.bag")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.facetime.bag")
+ (preference-domain "com.apple.idsfoundation.IDSRemoteURLConnectionAgent")
+ (preference-domain "com.apple.imessage.bag"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSRemoteURLConnectionAgent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSRemoteURLConnectionAgent.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IDSRemoteURLConnectionAgent.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMDPersistenceAgent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMDPersistenceAgent.sb
new file mode 100644
index 00000000..f018d1e1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMDPersistenceAgent.sb
@@ -0,0 +1,305 @@
+(version 1)
+(deny default)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imdsmsrecordstore.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/SMSMigrator")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.message.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/dtracehelper")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.MobileSMS")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/SMSMigrator")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.MobileSMS")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imdsmsrecordstore.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.search.appindexer")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.searchd")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.imdsmsrecordstore")
+ (preference-domain "com.apple.message")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.DataMigration")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.imdsmsrecordstore")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
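Review bot: This reference profile pins filter groups that cannot match as written: under `file-read*` and `file-write*`, `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) ...)` requires a vnode to have two types at once. This looks like a decompiler artifact rather than the compiled policy's real meaning (possibly a lost `require-not` or a flattened `require-any`), though that is inferred from the output alone. The same pair appears in the IDSRemoteURLConnectionAgent.sb reference, whose hunk starts outside this view. Relatedly, the `system-group` rules list `require-entitlement` and `regex` as siblings inside one `require-any`, so the path regex alone satisfies the group and the entitlement check adds nothing. Because these files become the expected output of the tests, record next to the fixtures that they are regression baselines, not verified policy, for example `References are raw reverse-sandbox output; known inaccuracies: contradictory vnode-type pairs under require-all, entitlement/regex pairs flattened into require-any.`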
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMDPersistenceAgent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMDPersistenceAgent.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMDPersistenceAgent.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMRemoteURLConnectionAgent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMRemoteURLConnectionAgent.sb
new file mode 100644
index 00000000..8f38c475
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMRemoteURLConnectionAgent.sb
@@ -0,0 +1,493 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-IMRemoteURLConnectionAgent.log")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imfoundation.IMRemoteURLConnectionAgent.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/IMRemoteURLConnectionAgent" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/IMRemoteURLConnectionAgent" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/IMRemoteURLConnectionAgent")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imfoundation.IMRemoteURLConnectionAgent.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-IMRemoteURLConnectionAgent.log")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/IMRemoteURLConnectionAgent" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/IMRemoteURLConnectionAgent" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/IMRemoteURLConnectionAgent")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]imfoundation[.]IMRemoteURLConnectionAgent$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.awdd")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.imfoundation.IMRemoteURLConnectionAgent")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.imfoundation.IMRemoteURLConnectionAgent"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
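Review bot: The `require-all` branches in the `file-read*` and `file-write*` rules that combine `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` can never match, because a vnode has exactly one type. As written, the clauses covering `/private/etc/passwd`, `/private/etc/hosts` and the CoreDuet `interactionC.db-journal` path are dead. This looks like a reconstruction artefact rather than the shipped policy, possibly a lost `require-not` around the type filters, and the repeated identical `regex` entries at the top of `file-issue-extension` point the same way. Since the file sits under `references/` and appears to serve as expected test output, the suite would lock this rendering in and readers may take it for the real profile. I would record next to the references something like `These profiles are snapshots of reverse-sandbox output kept for regression comparison, not a verified copy of the shipped policy.` and track the unsatisfiable vnode-type pairs as a known reverser issue.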
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMRemoteURLConnectionAgent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMRemoteURLConnectionAgent.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMRemoteURLConnectionAgent.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMTranscoderAgent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMTranscoderAgent.sb
new file mode 100644
index 00000000..b1c4ca76
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMTranscoderAgent.sb
@@ -0,0 +1,617 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write"))))
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileSMS.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imtranscoding.IMTranscoderAgent.plist")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mms_override.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Media")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imtranscoding.IMTranscoderAgent.plist")
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ctkd.token-client")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.coremedia.mutablecomposition")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.MobileSMS")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.mms_override")
+ (preference-domain "com.apple.imtranscoding.IMTranscoderAgent")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.marco")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.imtranscoding.IMTranscoderAgent"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
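Review bot: In the `file-read*` rule, the group `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any (literal "/private/etc/hosts") …` can never match, since one vnode cannot be both types, and the same pair appears under `file-write*` next to `interactionC.db-journal`. This looks like a reversing artifact (possibly dropped `require-not` wrappers, which `file-write-data` does keep for `/dev/random`), and committing it as a reference makes the artifact the expected output. The `require-any` groups that alternate `require-entitlement` with the `SystemGroup` regex have the same problem in the other direction: as written they read as entitlement OR path, which would be a wider grant than an entitlement-AND-path filter. I would either fix the reverser before pinning this fixture or record the known imprecision next to it, so that nobody audits the IMTranscoderAgent policy from this text as if it were exact.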
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMTranscoderAgent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMTranscoderAgent.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/IMTranscoderAgent.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/Lowtide.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/Lowtide.sb
new file mode 100644
index 00000000..d4b30c58
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/Lowtide.sb
@@ -0,0 +1,1260 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0"))
+(allow file-issue-extension
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Debug")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Photos")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/AppleTV"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Memories")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/AppleTV")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath "/Applications")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/network-constraints.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.apsd.launchd")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.storebookkeeper.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (subpath-prefix "${HOME}/Library/MediaStream")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath "/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.celestial.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${HOME}/Library/Logs")
+ (subpath-prefix "${HOME}/Library/Application Support/Front Row")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Updates")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CrashReporter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb-shm")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appletvservices.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (subpath-prefix "${HOME}/Media/Radio")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb-journal")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences-sounds.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.soundpref.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.Radio")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdLib.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iqagent.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.airplay.plist")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Documents/var/nrd")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/")
+ (literal "/private/var/preferences/SystemConfiguration/preferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Logs/Ubiquity")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.datetime.plist")
+ (subpath "/private/var/logs/CrashReporter")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.pep.configuration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.frontrow.")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mmcs.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.LaunchServices.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-AppleTV.log")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (subpath "/AppleInternal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (subpath-prefix "${HOME}/Library/Caches/AppleTV")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb-wal")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (subpath-prefix "${HOME}/Media/iTunes_Control")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]lowtide.plist")
+ (subpath "/private/var/MobileSoftwareUpdate")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ConfigServer.plist")
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]lowtide-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]lowtide-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]lowtide[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]lowtide-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]lowtide-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide/$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide/.+$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide/(?|.+)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]lowtide" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]lowtide" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]lowtide")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]lowtide[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]lowtide[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]lowtide[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]lowtide[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]lowtide[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]lowtide[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.Radio")
+ (subpath-prefix "${HOME}/Media/Radio")
+ (literal "/private/var/db/timezone/localtime")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.apsd.launchd")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (subpath-prefix "${HOME}/Library/MediaStream")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/private/var/tmp/MediaControlServer.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.datetime.plist")
+ (literal-prefix "${HOME}/Library/Logs")
+ (subpath "/private/var/tmp/AirTunes")
+ (subpath-prefix "${HOME}/Library/Application Support/Front Row")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.storebookkeeper.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.airplay.plist")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb-shm")
+ (subpath-prefix "${HOME}/Library/Logs/Ubiquity")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appletvservices.plist")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences-sounds.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mmcs.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.soundpref.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iqagent.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter")
+ (subpath-prefix "${HOME}/Documents/var/nrd")
+ (literal-prefix "${HOME}/Library/Application Support")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.celestial.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.pep.configuration.plist")
+ (literal "/Library/Application Support/Front Row")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.frontrow.")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iLifeSlideshow")
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb-wal")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-AppleTV.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/kCFPreferencesAnyApplication.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdLib.plist")
+ (subpath-prefix "${HOME}/Library/Caches/AppleTV")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CrashReporter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath "/private/var/MobileSoftwareUpdate")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/network-constraints.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]lowtide.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide/$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide/.+$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]lowtide/(?|.+)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]lowtide" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]lowtide" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]lowtide")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]lowtide[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]lowtide[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]lowtide[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]lowtide[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]lowtide[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]lowtide[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]lowtide-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]lowtide/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]lowtide$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]lowtide-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]lowtide/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]lowtide$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Cookies"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (literal-prefix "${HOME}/Documents")
+ (literal-prefix "${HOME}/Documents/var")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]lowtide[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]lowtide[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/ISURLBag")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Logs/ADDataStore.sqlitedb")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-flags
+ (literal-prefix "${HOME}/Media"))
+(allow file-write-mode
+ (literal-prefix "${HOME}/Media")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (subpath-prefix "${HOME}/Updates")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAVAudioInterfaceUserClient")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IODPDisplayInterfaceUserClient")
+ (iokit-user-client-class "com_apple_driver_FairPlayIOKitUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "IOAVControllerUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "IODPDeviceUserClient")
+ (iokit-user-client-class "IOAVServiceUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IODPAudioInterfaceUserClient")
+ (iokit-user-client-class "ASPUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "IOAVDeviceUserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IODPServiceUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAVVideoInterfaceUserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IODPControllerUserClient")
+ (iokit-user-client-class "AppleNANDFTLUserClient"))
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.absinthed")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.medialibraryd.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.server.bluetooth.le.pipe.xpc")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.mobileactivationd")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.iTunesStore.daemon.deatchwatch")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.coremedia.formatreaderloader")
+ (global-name "com.apple.atvitunescloudd.xpc")
+ (global-name "ScripterServer")
+ (global-name "com.apple.absd")
+ (global-name "com.apple.backboard.checkin")
+ (global-name "com.apple.iTunesStore.daemon-notifications")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.coremedia.wirelessdisplay")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "PurplePPTServer")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.mobile.obliteration")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.iTunesStore.daemon")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.coremedia.formatreader")
+ (global-name "com.apple.TextInput.rdt")
+ (global-name "com.apple.uikit.GestureServer")
+ (local-name "com.apple.coremedia.customurlhandler")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.frontrow.tracerouteix")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.server.bluetooth.le.att.xpc")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.coremedia.videoqueue")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.CrashCopy.OTA")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.backboard.workspaceserverconnection")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coresymbolicationd")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.fairplayd")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.wirelessproxd")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.adid")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.backboard.system-app-server")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.tzlink")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.coremedia.cpe")
+ (global-name "com.apple.ondemandd.client")
+ (global-name "com.apple.voiceservices.keepalive")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.backboard.applicationdatastore.service")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.assistant.settings")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.aggregated.addaily")
+ (global-name "com.apple.timed.xpc")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.mobile.softwareupdated")
+ (global-name "com.apple.coreservices.appleid.authentication")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.corercd")
+ (global-name "com.apple.assertiond.processinfoservice")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-register
+ (global-name "com.apple.SBUserNotification")
+ (local-name "com.apple.accessibility.gax.client")
+ (global-name "com.apple.airplay.xpc")
+ (global-name "com.apple.frontboard.watchdogserver")
+ (global-name "PurpleSystemAppPort")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name-regex #"^com[.]apple[.]appletv$" #"^com[.]apple[.]appletv[.]" #"^com[.]apple[.]lowtide$" #"^com[.]apple[.]lowtide[.]")
+ (local-name "com.apple.iphone.axserver")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow mach-task-name)
+(allow network-inbound)
+(allow network-bind)
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/tmp/hidmonitordsocket")
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/syslog")
+ (remote udp "*:*")
+ (literal "/private/var/run/mDNSResponder")
+ (remote tcp "*:*")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.soundpref")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.appletvservices")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.celestial")
+ (preference-domain "com.apple.voiceservices")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.CrashReporter")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.preferences.datetime")
+ (preference-domain "com.apple.preferences-sounds")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.storebookkeeper")
+ (preference-domain "com.apple.LaunchServices")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.ConfigServer")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.iqagent")
+ (preference-domain "com.apple.airplay")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "com.apple.MobileAsset")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "com.apple.soundpref")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.appletvservices")
+ (preference-domain "com.apple.celestial")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.preferences-sounds")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.preferences.datetime")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.storebookkeeper")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.CrashReporter")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.iqagent")
+ (preference-domain "com.apple.airplay")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "kCFPreferencesAnyApplication"))
+(allow process-exec*
+ (subpath "/Applications/AppleTV.app"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-fsctl)
+(allow system-info
+ (info-type "hw.uuid"))
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/Lowtide.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/Lowtide.sb.xml
new file mode 100644
index 00000000..c27b7817
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/Lowtide.sb.xml
@@ -0,0 +1,45 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MTLCompilerService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MTLCompilerService.sb
new file mode 100644
index 00000000..671670c6
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MTLCompilerService.sb
@@ -0,0 +1,186 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Logs/Metal")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Logs/Metal")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
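Review bot: The `require-all` in `file-read*` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` can never match as written, since a vnode has only one type and the `require-any` beneath it lists ordinary files such as `/private/etc/hosts`. The same pair appears under `file-write*`. This looks like a reversing artifact, presumably flattened alternatives or a lost negation, rather than the policy the kext enforces. Committing it under `references/` makes the test suite treat that output as correct. If the comparison tolerates comments, I would mark the fixture with `;; reference = current tool output, not verified policy; vnode-type pairs under require-all are a known artifact`; otherwise the same sentence belongs in a README next to the fixtures. That keeps anyone from reading grants such as `(allow nvram*)` or `(allow system-privilege)` here as confirmed for this service.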
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MTLCompilerService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MTLCompilerService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MTLCompilerService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MailCompositionService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MailCompositionService.sb
new file mode 100644
index 00000000..3ca0de6a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MailCompositionService.sb
@@ -0,0 +1,1171 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write"))))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]MailCompositionService.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath "/AppleInternal/Library/Frameworks")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Media")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mail.composition.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.suggestions.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.message.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (subpath "/Library/Ringtones")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilemail.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (extension "com.apple.app-sandbox.read")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]MailCompositionService[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]MailCompositionService[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]MailCompositionService[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]MailCompositionService[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]MailCompositionService[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]MailCompositionService[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]MailCompositionService[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]MailCompositionService-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]MailCompositionService-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/FairPlay")
+ (literal "/usr/sbin/fairplayd")
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata)
+(allow file-read-xattr
+ (literal-prefix "${HOME}/Library/Caches"))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mail.composition.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]MailCompositionService.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]MailCompositionService[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]MailCompositionService[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]MailCompositionService[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]MailCompositionService[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]MailCompositionService[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]MailCompositionService[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/Databases"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MailCompositionService$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]MailCompositionService[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]MailCompositionService[.]savedState")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/WebKit/Databases/Databases.db")
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage/StorageTracker.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.suggestd.suggestionmanager")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name-regex #"^com[.]apple[.]dataaccess[.]dataaccessd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.imagent.embedded.auth")
+ (global-name "ScripterServer")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilemail.services.xpc")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.uikit.GestureServer")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.webfilterd")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.itunescloudd.xpc")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.TextInput.rdt")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.ondemandd.client")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.springboard")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.voiceservices.keepalive")
+ (local-name "com.apple.iphone.axserver")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.mediastream.sharing")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.safarifetcherd")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.assistant.settings")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.bulletinboard.utilitiesconnection")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.vibrationmanagerd")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.assertiond.extension")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.WebBookmarks.webbookmarksd")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/printd")
+ (remote tcp "*:*")
+ (literal "/private/var/run/lockdown.sock")
+ (control-name "com.apple.netsrc")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.mobilemail")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.mail.composition")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.suggestions")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.message")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.bulletinboard")
+ (preference-domain "com.apple.WebKit")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.corevideo")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.mail.composition")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MailCompositionService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MailCompositionService.sb.xml
new file mode 100644
index 00000000..c3c699a4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MailCompositionService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileBackup.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileBackup.sb
new file mode 100644
index 00000000..5d50517e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileBackup.sb
@@ -0,0 +1,9 @@
+(version 1)
+(allow default)
+(deny file-read*
+ (subpath "/private/var/run/mobile_image_mounter"))
+(deny file-write-unlink
+ (literal "/private")
+ (literal "/private/var")
+ (literal "/private/var/run"))
+(deny job-creation)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileBackup.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileBackup.sb.xml
new file mode 100644
index 00000000..c2485d32
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileBackup.sb.xml
@@ -0,0 +1,21 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileCal.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileCal.sb
new file mode 100644
index 00000000..41ba8802
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileCal.sb
@@ -0,0 +1,875 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.TelephonyUtilities.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath "/AppleInternal/Library/Frameworks")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.calendardiagnostics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.suggestions.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilecal.timezones.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilecal.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Calendar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.eventkit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Handoff")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (subpath "/private/var/tmp")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]mobilecal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.message.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (subpath "/Library/Ringtones")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobilecal-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]mobilecal-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]mobilecal[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]mobilecal[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]mobilecal[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]mobilecal[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]mobilecal[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]mobilecal-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]mobilecal-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]mobilecal[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]mobilecal[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/FairPlay")
+ (literal "/usr/sbin/fairplayd")
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}")))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilecal.timezones.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilecal.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Handoff")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.calendardiagnostics.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Calendar")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (subpath "/private/var/tmp")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]mobilecal.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]mobilecal[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]mobilecal[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobilecal-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]mobilecal-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]mobilecal[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]mobilecal[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]mobilecal[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]mobilecal[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobilecal$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mobilecal$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]mobilecal[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]mobilecal[.]savedState")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.mobilecal.timezones")
+ (preference-domain "com.apple.calendardiagnostics")
+ (preference-domain "com.apple.suggestions")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.eventkit")
+ (preference-domain "com.apple.message")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.mobilecal")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.TelephonyUtilities")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.calendardiagnostics")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.mobilecal.timezones")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mobilecal")
+ (preference-domain "com.apple.mediaaccessibility.public"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileCal.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileCal.sb.xml
new file mode 100644
index 00000000..31b4e67c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileCal.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileMaps.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileMaps.sb
new file mode 100644
index 00000000..9551d3a9
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileMaps.sb
@@ -0,0 +1,970 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath-prefix "${HOME}/Library/Maps")
+ (subpath-prefix "${HOME}/Library/Caches/Maps")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GMM.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Maps.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.weather.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapsSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.wifi.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.internal.Voltaire.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mms_override.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath "/AppleInternal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.skyhookwireless.wps.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (regex #"^/private/var/containers/Bundle/[^/]+/[-0-9A-Z]+/GeoJSON")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (subpath "/Applications/Maps.app")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (subpath "/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/network-constraints.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]Maps.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${HOME}/Library/Cookies")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (subpath "/Library/Ringtones")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]Maps[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]Maps-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]Maps-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]Maps[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]Maps[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]Maps-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]Maps-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps/$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps/.+$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps/(?|.+)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]Maps[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]Maps[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]Maps[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]Maps[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/dev/ptmx")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]Maps" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]Maps" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]Maps")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-data
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GMM.plist")
+ (subpath-prefix "${HOME}/Library/Maps")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.internal.Voltaire.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.skyhookwireless.wps.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Maps.plist")
+ (subpath-prefix "${HOME}/Library/Caches/Maps")
+ (regex #"^/private/var/containers/Bundle/[^/]+/[-0-9A-Z]+/GeoJSON")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/network-constraints.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]Maps.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]Maps[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]Maps[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]Maps[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]Maps[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]Maps-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]Maps-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps/$" #"^/private/var/mobile/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps/.+$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.iTunesStore/ISURLBag/com[.]apple[.]Maps/(?|.+)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]Maps[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]Maps[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Cookies"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]Maps" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]Maps" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]Maps")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.iTunesStore/ISURLBag")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]Maps[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]Maps[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))))
+(allow file-write-data
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.internal.Voltaire")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.MapsSupport")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.weather")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.voiceservices")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.GMM")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.mms_override")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.Maps")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.skyhookwireless.wps")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Maps")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.internal.Voltaire")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.GMM")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.skyhookwireless.wps")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.itunesstored"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket
+ (socket-domain 39)
+ (socket-domain AF_ROUTE)
+ (require-all
+ (socket-domain AF_SYSTEM)
+ (socket-protocol 2)))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileMaps.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileMaps.sb.xml
new file mode 100644
index 00000000..31b4e67c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileMaps.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileSlideShow.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileSlideShow.sb
new file mode 100644
index 00000000..b21aeb1a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileSlideShow.sb
@@ -0,0 +1,1154 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (subpath "/private/var/tmp"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath "/private/var/tmp"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Debug")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Photos")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Memories")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (literal-prefix "${HOME}/Library/SpringBoard"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos")))))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.legacycamera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Library/Logs/MobileSlideShow.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (subpath-prefix "${HOME}/Library/Application Support/MobileSlideShow")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.act.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.airplay.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mmcs.plist")
+ (subpath-prefix "${HOME}/Library/Application Support/iLifePageLayout")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (subpath "/usr/lib")
+ (literal "/AppleInternal/Library/Preferences/com.apple.airplay.dashboard.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanocamera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-Camera.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Artwork")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.pep.configuration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ImageCaptureFramework.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cloud.quota.plist")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videouploadplugins.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileSMS.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (subpath-prefix "${HOME}/Library/Siri")
+ (literal-prefix "${HOME}/Library/Logs/awd/awdComponent0x19.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilemail.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Photos")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.notbackedup.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/db/timezone")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.springboard.sharedimagecache/Wallpaper")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GMM.plist")
+ (literal-prefix "${HOME}/Library/SpringBoard")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaanalysis.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-MobileSlideShow.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mms_override.plist")
+ (subpath-prefix "${HOME}/Library/Caches/Snapshots/com.apple.camera")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudPhotoLibrary.aslgroup")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.compass.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.legacycamera")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ConfigServer.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/SpringBoard/Lock.+" #"^/private/var/mobile/Library/SpringBoard/.+Lock.+" #"^/private/var/mobile/Library/SpringBoard/Home.+" #"^/private/var/mobile/Library/SpringBoard/.+Home.+" #"^/private/var/euser[0-9]+/Library/SpringBoard/((.*Lock|Home)|.+Home).+")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (subpath "/Library/Dictionaries")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (require-not (subpath "/System/Library/Carrier Bundles"))
+ (require-not (subpath-prefix "${HOME}/Library/Carrier Bundles"))
+ (require-any
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (subpath "/Library/Ringtones")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.](mobileslideshow|camera).plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebKit.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/dev/ptmx")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (require-not (regex #"^/private/var/mobile/Containers/$" #"^/private/var/mobile/Containers/.+$" #"^/private/var/euser[0-9]+/Containers/.*$"))
+ (require-not (subpath "/private/var/containers"))
+ (require-not (regex #"^/private/var/mobile/Library/" #"^/private/var/euser[0-9]+/Library/")))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]mobileslideshow[.]savedState/" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]camera[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.](mobileslideshow|camera)[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]mobileslideshow[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]mobileslideshow[.]settings/" #"^/private/var/mobile/Documents/com[.]apple[.]camera[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]camera[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.](mobileslideshow|camera)[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.](mobileslideshow|camera)[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobileslideshow-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]camera-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.](mobileslideshow|camera)-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]mobileslideshow[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]mobileslideshow-.+[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]camera-.*[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.](mobileslideshow|camera)-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))))))
+ (require-all
+ (debug-mode)
+ (regex #"^/private/var/mobile/Media/Pano_[0-9]" #"^/private/var/euser[0-9]+/Media/Pano_[0-9]")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-read-metadata)
+(allow file-read-xattr
+ (literal-prefix "${HOME}/Library/Caches"))
+(allow file-write*
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Application Support/MobileSlideShow")
+ (literal-prefix "${HOME}/Library/Logs/awd/awdComponent0x19.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Library/SpringBoard")
+ (literal-prefix "${HOME}/Library/Logs/MobileSlideShow.log")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-MobileSlideShow.log")
+ (subpath-prefix "${HOME}/Library/Siri")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Photos")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-Camera.log")
+ (subpath-prefix "${HOME}/Library/Application Support/iLifePageLayout")
+ (subpath-prefix "${HOME}/Library/SMS")
+ (subpath-prefix "${HOME}/Library/Caches/Snapshots/com.apple.camera")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudPhotoLibrary.aslgroup")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.legacycamera")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.springboard.sharedimagecache/Wallpaper")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SpringBoard/Lock.+" #"^/private/var/mobile/Library/SpringBoard/.+Lock.+" #"^/private/var/mobile/Library/SpringBoard/Home.+" #"^/private/var/mobile/Library/SpringBoard/.+Home.+" #"^/private/var/euser[0-9]+/Library/SpringBoard/((.*Lock|Home)|.+Home).+")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/Camera-latest.log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/Camera-latest.log")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (debug-mode)
+ (regex #"^/private/var/mobile/Media/Pano_[0-9]" #"^/private/var/euser[0-9]+/Media/Pano_[0-9]")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (regex #"^/private/var/mobile/Library/Preferences/com.apple.mobileipod.plist" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.mobileipod.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanocamera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/kCFPreferencesAnyApplication.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videouploadplugins.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.legacycamera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.pep.configuration.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cloud.quota.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.](mobileslideshow|camera).plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]mobileslideshow[.]savedState/" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]camera[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.](mobileslideshow|camera)[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]mobileslideshow[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]mobileslideshow[.]settings/" #"^/private/var/mobile/Documents/com[.]apple[.]camera[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]camera[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.](mobileslideshow|camera)[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.](mobileslideshow|camera)[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobileslideshow-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobileslideshow/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]mobileslideshow$" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]camera-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]camera/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]camera$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.](mobileslideshow|camera)-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.](mobileslideshow|camera)/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.](mobileslideshow|camera)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/Databases"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-write-create
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]mobileslideshow[.]savedState" #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]camera[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.](mobileslideshow|camera)[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudPhotoLibrary.aslgroup"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Siri"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))))
+(allow file-write-data
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/WebKit/Databases/Databases.db")
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage/StorageTracker.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (subpath "/private/var/mnt")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.ConfigServer")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.MobileSMS")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.mobilemail")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.InputModePreferences")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.videouploadplugins")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.assistant.logging")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.act")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.airplay")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.accountsd")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.cloud.quota")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.WebKit")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.GMM")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.youtubeframework.notbackedup")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.ImageCaptureFramework")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.legacycamera")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.imessage.bag")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.compass")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mediaanalysis")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.mms_override")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.nanocamera")
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.legacycamera")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.videouploadplugins")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.nanocamera")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.youtubeframework.notbackedup")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.cloud.quota"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileSlideShow.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileSlideShow.sb.xml
new file mode 100644
index 00000000..5885e3b4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/MobileSlideShow.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/PasteBoard.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/PasteBoard.sb
new file mode 100644
index 00000000..4054433c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/PasteBoard.sb
@@ -0,0 +1,178 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (require-not (literal "/dev/random"))
+ (subpath "/Developer")
+ (require-not (literal "/dev/urandom"))
+ (require-not (literal "/dev/ptmx"))
+ (require-not (regex #"^/private/var/containers/Data/System/[^/]+/"))
+ (subpath "/System/Library")
+ (require-not (literal "/dev/aes_0"))
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIKit.pboard")
+ (require-not (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$"))
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (require-not (literal "/dev/null"))
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (require-not (literal "/dev/zero"))
+ (subpath "/usr/lib")
+ (require-not (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist"))
+ (require-not (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library"))
+ (subpath "/usr/share")
+ (require-not (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo"))
+ (subpath "/private/var/db/timezone")
+ (require-not (literal "/dev/dtracehelper"))
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))
+ (require-entitlement "com.apple.security.system-groups")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE)))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (require-not (extension "com.apple.sandbox.pty")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))
+ (require-entitlement "com.apple.security.system-groups")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (require-not (subpath-prefix "${FRONT_USER_HOME}")))
+ (require-all
+ (vnode-type TTY)
+ (require-not (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIKit.pboard")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow ipc-posix-shm*)
+(allow ipc-posix-shm-read*)
+(allow ipc-posix-shm-read-data)
+(allow ipc-posix-shm-read-metadata)
+(allow ipc-posix-shm-write*)
+(allow ipc-posix-shm-write-create)
+(allow ipc-posix-shm-write-data)
+(allow ipc-posix-shm-write-unlink)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-exec*
+ (literal "/System/Library/Frameworks/UIKit.framework/Support/pasteboardd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
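Review bot: Several rules in this reference profile do not read as satisfiable or meaningful SBPL, so a test that compares against it would lock in what look like decompiler artifacts instead of catching them. In `file-write*`, `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) …)` can never match, since a vnode has a single type; the `file-read*` rule in this same file has the negated form `(require-not (vnode-type BLOCK-DEVICE))`, which suggests a dropped `require-not`. Also in `file-read*`, top-level operands such as `(require-not (literal "/dev/random"))` would, if read as ordinary alternatives of an allow rule, match almost every path. The BLOCK-DEVICE/CHARACTER-DEVICE pattern recurs in SafariSafeBrowsing.sb (`file-read*`, `file-write*`) and ScreenshotService.sb (`file-read*`). I would record next to the references, for example in a README in `references/`, that `these profiles are regression baselines of reverse-sandbox output, not verified policy`, and list the known artifacts so nobody takes the files as the effective iOS 9.3 sandbox rules.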
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/PasteBoard.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/PasteBoard.sb.xml
new file mode 100644
index 00000000..4162129c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/PasteBoard.sb.xml
@@ -0,0 +1,51 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/SafariSafeBrowsing.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/SafariSafeBrowsing.sb
new file mode 100644
index 00000000..877e74ef
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/SafariSafeBrowsing.sb
@@ -0,0 +1,192 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (literal "/private/var/db/icu")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.Safari.SafeBrowsing")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath "/System")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.Safari.SafeBrowsing")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/SafariSafeBrowsing.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/SafariSafeBrowsing.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/SafariSafeBrowsing.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ScreenshotService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ScreenshotService.sb
new file mode 100644
index 00000000..b7c8ef3d
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ScreenshotService.sb
@@ -0,0 +1,195 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ScreenshotService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ScreenshotService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ScreenshotService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/StreamingUnzipService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/StreamingUnzipService.sb
new file mode 100644
index 00000000..bfcb1089
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/StreamingUnzipService.sb
@@ -0,0 +1,201 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.StreamingUnzipService.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.StreamingUnzipService")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.StreamingUnzipService")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.StreamingUnzipService.plist")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.StreamingUnzipService")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.StreamingUnzipService"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
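Review bot: The `require-all` under `file-read*` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` can never match, because a vnode has exactly one type; the same pair appears again under `file-write*`. The paths it guards (`/private/etc/hosts`, `/private/etc/passwd`, …) are regular files, so it looks as if a negation was lost during reversing. `file-write-data` in the same profile does emit `require-not`, but only around `literal` filters. Pinning this file as a reference makes the regression test enforce that output, and a reader may take the profile as the effective policy. Either regenerate the reference once the filter negation is handled, or record the limitation next to the references, e.g. `References are reverse-sandbox output pinned for regression testing; they are not a verified copy of the shipped policy.`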
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/StreamingUnzipService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/StreamingUnzipService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/StreamingUnzipService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/WebSheet.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/WebSheet.sb
new file mode 100644
index 00000000..b27ec1b1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/WebSheet.sb
@@ -0,0 +1,1118 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.WebAppCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (require-not (regex #"^/private/var/mobile/Library/Preferences/com.apple.mobilemail.plist$" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.mobilemail.plist$"))
+ (require-not (regex #"^/private/var/mobile/Library/Preferences/com.apple.accountsettings.plist$" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.accountsettings.plist$"))
+ (require-not (regex #"^/private/var/mobile/Library/Preferences/com.apple.OTASyncAgent.plist$" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.OTASyncAgent.plist$"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebSheet.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (subpath "/Library/Dictionaries")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (require-not (subpath "/System/Library/Carrier Bundles"))
+ (require-not (subpath-prefix "${HOME}/Library/Carrier Bundles"))
+ (require-any
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath "/Library/Ringtones")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]WebSheet.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebKit.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]WebSheet-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]WebSheet-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]WebSheet[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]WebSheet[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]WebSheet[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]WebSheet[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]WebSheet[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]WebSheet-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]WebSheet-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]WebSheet[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]WebSheet[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/FairPlay")
+ (literal "/usr/sbin/fairplayd")
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))))
+(allow file-read-metadata)
+(allow file-read-xattr
+ (literal-prefix "${HOME}/Library/Caches"))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.WebAppCache")
+ (require-all
+ (require-not (regex #"^/private/var/mobile/Library/Preferences/com.apple.accountsettings.plist$" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.accountsettings.plist$"))
+ (require-not (regex #"^/private/var/mobile/Library/Mail/AutoFetchEnabled$" #"^/private/var/euser[0-9]+/Library/Mail/AutoFetchEnabled$"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebSheet.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]WebSheet.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]WebSheet[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]WebSheet[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]WebSheet[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]WebSheet[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]WebSheet-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]WebSheet-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/Databases"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]WebSheet[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]WebSheet[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]WebSheet$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging")))))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]WebSheet[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]WebSheet[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/WebKit/Databases/Databases.db")
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage/StorageTracker.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.mobilemail")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.mobilesafari-settings")
+ (global-name "com.apple.marco")
+ (global-name "ScripterServer")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.networking.captivenetworksupport")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.uikit.GestureServer")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.webfilterd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.mobilemail.services.xpc")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.TextInput.rdt")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.certui.relay")
+ (global-name "com.apple.ondemandd.client")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.mobilemail.messageuiservices")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.eventpump")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.voiceservices.keepalive")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.safarifetcherd")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.assistant.settings")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.vibrationmanagerd")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.assertiond.extension")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.WebBookmarks.webbookmarksd")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.WebSheet")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.WebKit")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.WebSheet")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.mediaaccessibility.public"))
+(allow process-exec*
+ (literal "/Applications/WebSheet.app/WebSheet"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/WebSheet.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/WebSheet.sb.xml
new file mode 100644
index 00000000..c3c699a4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/WebSheet.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/accessoryd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/accessoryd.sb
new file mode 100644
index 00000000..122443c2
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/accessoryd.sb
@@ -0,0 +1,202 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (regex #"^/private/var/mobile" #"^/private/var/euser[0-9]+")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.iapd"))
+(allow process-exec*
+ (literal "/usr/sbin/accessoryd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
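Review bot: The `file-read*` rule in this reference puts `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` in one `require-all` together with literals such as `"/private/etc/hosts"`. A vnode cannot have both types, so the clause as printed can never match; the same shape recurs in `file-write*` here and in the `file-read*` and `file-write*` rules of afcd.sb. This looks like a decompiler artifact (possibly a dropped `require-not` or a misplaced `require-any`), and freezing it as a golden reference makes the regression test assert the incorrect output. I would check these clauses against the compiled profile before committing, or record the limitation in a note kept alongside the fixture, e.g. `; KNOWN ISSUE: require-all over two vnode-type filters is a decompiler artifact, not the real policy`. Without that, anyone reading these files as the real policy for the daemon gets a wrong picture of what it may read and write.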
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/accessoryd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/accessoryd.sb.xml
new file mode 100644
index 00000000..7f2c4ab6
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/accessoryd.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/afcd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/afcd.sb
new file mode 100644
index 00000000..50b45630
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/afcd.sb
@@ -0,0 +1,416 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.afc.root")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (require-all
+ (require-not (subpath "/usr/libexec/Contents"))
+ (require-any
+ (literal "/AFCDEBUG")
+ (literal "/usr/libexec")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/Library/Preferences/SystemConfiguration/com.apple.afc.DeviceInfo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.afc.plist")
+ (literal "/usr/libexec/afcd")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (extension "com.apple.afc.root")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/Library/Preferences")
+ (literal "/Library/Preferences/SystemConfiguration")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (vnode-type SYMLINK)
+ (literal "/private/var")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.afc.root")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]afc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.xpchelper")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.lockdown.host_watcher")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (regex #"^/private/var/run/lockdown/checkin")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.afc")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/afcd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/afcd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/afcd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/appconduitd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/appconduitd.sb
new file mode 100644
index 00000000..c53cb0ac
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/appconduitd.sb
@@ -0,0 +1,433 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.StreamingUnzipService")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AppConduit.staging"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/Applications")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AppConduit.staging")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Logs/AppConduit")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (subpath "/private/var/db/MobileIdentityData")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath-prefix "${HOME}/Library/AppConduit")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (subpath "/Developer")
+ (subpath "/private/var/containers/Bundle/Application")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/Logs/AirTraffic")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]appconduitd[.]gizmostate" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]companionappd" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]sockpuppet[.]activeComplications" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]appconduitd[.]gizmostate" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]companionappd" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]sockpuppet[.]activeComplications")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nano-complications$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nano-complications$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Logs/AppConduit")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AppConduit.staging")
+ (subpath-prefix "${HOME}/Library/AppConduit")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/Logs/AirTraffic")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]appconduitd[.]gizmostate" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]companionappd" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]sockpuppet[.]activeComplications" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]appconduitd[.]gizmostate" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]companionappd" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]sockpuppet[.]activeComplications")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.atc.xpc")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.misagent")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.cache_delete")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.marco")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
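Review bot: The `file-read*` rule in this reference profile contains a `require-all` that lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)`, which no single vnode can satisfy; the same pair appears again under `file-write*`. The guarded paths are ordinary files such as `/private/etc/hosts` and the CoreDuet `interactionC.db*` files, so this looks like a negation lost during reversing (presumably `(require-not (vnode-type ...))`, as the `file-write-data` rule does for `/dev/random`) rather than the real policy. Committing it as a golden reference pins that output, and anyone auditing the reversed profile would read these rules as dead when the original likely grants the access. I would record it as a known reverser limitation next to the test, or in the file itself if the comparison tolerates comments, e.g. `;; known issue: vnode-type pair under require-all is unsatisfiable; negation likely lost in reversing`.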
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/appconduitd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/appconduitd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/appconduitd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/apsd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/apsd.sb
new file mode 100644
index 00000000..1d73ed57
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/apsd.sb
@@ -0,0 +1,381 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (regex #"^/System/Library/CoreServices/SystemVersion$" #"^/System/Library/CoreServices/SystemVersion.+$")
+ (literal "/dev/zero")
+ (subpath "/private/etc")
+ (literal "/dev/ptmx")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicEffectiveUserSettings.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (subpath "/System/Library")
+ (subpath-prefix "${HOME}/Library/ApplePushService")
+ (subpath "/private/var/Keychains")
+ (subpath "/private/var/preferences")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/Library/Managed Preferences")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath-prefix "${HOME}/Library/Preferences")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal "/Library/Keychains")
+ (literal "/Library/Managed Preferences/mobile")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal "/Library/Preferences")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/usr")
+ (subpath "/private/var/tmp")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Logs")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/Managed Preferences/mobile")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicEffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicEffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicEffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection")
+ (subpath-prefix "${HOME}/Library/Logs")
+ (subpath-prefix "${HOME}/Library/ApplePushService")
+ (subpath-prefix "${HOME}/Library/Preferences")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]apsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow network-inbound
+ (subpath "/"))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-exec*
+ (literal "/System/Library/PrivateFrameworks/ApplePushService.framework/apsd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/apsd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/apsd.sb.xml
new file mode 100644
index 00000000..f81f602e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/apsd.sb.xml
@@ -0,0 +1,44 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/assertiond.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/assertiond.sb
new file mode 100644
index 00000000..81c89a6a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/assertiond.sb
@@ -0,0 +1,241 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Bundle")
+ (literal "/dev/random")
+ (subpath "/Applications")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/usr/libexec")
+ (literal "/dev/dtracehelper")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assertiond.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assertiond.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-task-name)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.assertiond")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.assertiond"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl*
+ (sysctl-name "kern.ipc.throttle_best_effort")
+ (sysctl-name "kern.memorystatus_vm_pressure_send"))
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-suspend-resume)
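Review bot: The `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE))` clause under `file-read*`, and the one under `file-write*` that also requires the `interactionC.db-journal` path, can never match as written, because a vnode has exactly one type. This looks like a decompiler artefact (probably an OR rendered as AND) rather than the real policy, though the hunk alone cannot confirm that. Committing it as a reference makes the tests pin this output, and anyone reading the file as the daemon's actual sandbox would misjudge what it may touch. If the conjunction is wrong, the expected text should read `(require-any (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE))`; otherwise, note next to the references that they are regression snapshots of the tool's output, not verified policy. The same pattern appears in the visible tail of the preceding profile in this diff, and the `system-container` clause is emitted twice within `file-read*` here.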
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/assertiond.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/assertiond.sb.xml
new file mode 100644
index 00000000..972d53f1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/assertiond.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cloudphotod.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cloudphotod.sb
new file mode 100644
index 00000000..1f564bcf
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cloudphotod.sb
@@ -0,0 +1,19 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow iokit-get-properties)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cloudphotod.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cloudphotod.sb.xml
new file mode 100644
index 00000000..c5c1c883
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cloudphotod.sb.xml
@@ -0,0 +1,37 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.AssetCacheLocatorService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.AssetCacheLocatorService.sb
new file mode 100644
index 00000000..b5abbb97
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.AssetCacheLocatorService.sb
@@ -0,0 +1,455 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AssetCacheLocatorService.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssetCacheLocatorService$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.AssetCacheC")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow network-inbound
+ (local udp "*:*"))
+(allow network-bind
+ (local udp "*:*"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote tcp "*:*")
+ (remote udp "*:53")
+ (literal "/private/var/run/syslog")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AssetCacheLocatorService")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
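Review bot: The `require-all` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` in `file-read*` can never match, because a vnode has a single type and the `require-any` under it lists ordinary paths such as `/private/etc/hosts`. The same pair appears in `file-write*` here and in both of those rules in com.apple.GSSCred.sb. A dropped negation in the reverser is the likely cause, since the output does emit `require-not` elsewhere (for `/dev/random` in `file-write-data`). The expected form is then presumably `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, to be confirmed against the binary profile. `file-issue-extension` also lists the same `regex` filter twice in a row; as committed references the test will enforce all of this, so either correct the references or record these as known deviations.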
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.AssetCacheLocatorService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.AssetCacheLocatorService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.AssetCacheLocatorService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.GSSCred.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.GSSCred.sb
new file mode 100644
index 00000000..aa5d5999
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.GSSCred.sb
@@ -0,0 +1,185 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/private/var/db/heim-credential-store.archive")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/private/var/db/heim-credential-store.archive")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.GSSCred.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.GSSCred.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.GSSCred.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Databases.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Databases.sb
new file mode 100644
index 00000000..e42d3fa1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Databases.sb
@@ -0,0 +1,114 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-audit)
+(allow system-privilege)
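Review bot: The `file-read*` rule in this reference pins a filter that cannot match as written: `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any …))` asks for one vnode to be both a block and a character device, while the `require-any` under it lists ordinary paths such as `/private/etc/passwd`. This looks like a reverser artifact rather than the real policy (possibly dropped `require-not` wrappers, which the `file-write-data` rule earlier in this commit does show for `/dev/random`), and the same shape is repeated in the `file-read*` rule of com.apple.WebKit.Networking.sb. Committed as a golden file, it makes the test assert the artifact, and it can mislead anyone who reads these profiles to judge what the sandbox actually permits. I would record the discrepancy beside the references, for example `rev_profiles: require-all over two vnode-type filters is a known reverser artifact, pending fix`, and regenerate the references once the reverser handles the case.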
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Databases.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Databases.sb.xml
new file mode 100644
index 00000000..857bf1d4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Databases.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Networking.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Networking.sb
new file mode 100644
index 00000000..270e1527
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Networking.sb
@@ -0,0 +1,327 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.nsurlstorage.extension-cache"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.app-sandbox.read")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.app-sandbox.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "RootDomainUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-audit)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Networking.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Networking.sb.xml
new file mode 100644
index 00000000..857bf1d4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.Networking.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.WebContent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.WebContent.sb
new file mode 100644
index 00000000..342a2f41
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.WebContent.sb
@@ -0,0 +1,764 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.nsurlstorage.extension-cache"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/Library/Dictionaries")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal "/dev/aes_0")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.LaunchServices.plist")
+ (literal "/dev/dtracehelper")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-com.apple.WebKit.WebContent.log")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-com.apple.WebKit.WebContent.log")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (extension "com.apple.app-sandbox.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (require-not (vnode-type SYMLINK))
+ (require-any
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.marco")
+ (global-name "ScripterServer")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.uikit.GestureServer")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.TextInput.rdt")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.ondemandd.client")
+ (global-name "com.apple.voiceservices.keepalive")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.LaunchServices")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.Preferences"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-audit)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.WebContent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.WebContent.sb.xml
new file mode 100644
index 00000000..857bf1d4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.WebKit.WebContent.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.assistant.assistantd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.assistant.assistantd.sb
new file mode 100644
index 00000000..c4c6054a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.assistant.assistantd.sb
@@ -0,0 +1,683 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.token.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.avvc.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.weather.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-assistantd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.logging.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/Assistant")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/siri_recordings")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.siri.backedup.encrypted.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath-prefix "${HOME}/Library/Assistant")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (subpath "/Library/Audio/Tunings")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AssistantServices.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.siri.")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/local/lib")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.siri.")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.weather.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.token.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AssistantServices.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/Assistant")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.siri.backedup.encrypted.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.logging.plist")
+ (subpath-prefix "${HOME}/Library/Assistant")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-assistantd.log")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]AssistantServices$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]assistantd$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.marco")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.BTLEAudioController.xpc")
+ (global-name "com.apple.imagent.embedded.auth")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.assistant_service")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.absd")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.accountsd.oauthsigner")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.absinthed")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.weather")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.voicetrigger")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.avfoundation.avvc")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AssistantServices")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.assistant.token")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.assistant.logging")
+ (preference-domain "com.apple.siri.backedup.encrypted")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.AssistantServices")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.assistant.logging")
+ (preference-domain "com.apple.assistant.token")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.siri.backedup.encrypted")
+ (preference-domain "com.apple.weather")
+ (preference-domain "com.apple.voicetrigger")
+ (preference-domain "com.apple.assistant.backedup"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.assistant.assistantd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.assistant.assistantd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.assistant.assistantd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.bird.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.bird.sb
new file mode 100644
index 00000000..915b2819
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.bird.sb
@@ -0,0 +1,629 @@
+(version 1)
+(deny default)
+(allow distributed-notification-post)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension-class "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (literal-prefix "${HOME}/Library/Mobile Documents/"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension-class "com.apple.librarian.ubiquity-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.quicklook.readonly")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.clouddocs.version")
+ (vnode-type REGULAR-FILE)
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CloudKit.BehaviorOptions.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Ubiquity")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ubd.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudDocs")
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit/com.apple.bird")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${HOME}/Library/Mobile Documents.")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit/com.apple.clouddocs")
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iCloudDriveApp.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bird.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mmcs.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit/tmp")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath-prefix "${HOME}/Library/Logs/CloudDocs")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]bird" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]bird" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]bird")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit/com.apple.clouddocs")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (literal-prefix "${HOME}/Library/Mobile Documents.")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ubd.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CloudDocs")
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iCloudDriveApp.plist")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit/com.apple.bird")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Ubiquity")
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bird.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit/tmp")
+ (subpath-prefix "${HOME}/Library/Logs/CloudDocs")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]bird$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]bird$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]bird" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]bird" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]bird")
+ (subpath-prefix "${FRONT_USER_HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Application Support"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/CloudKit"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coresymbolicationd")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.cache_delete")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird.ContainerMetadataExtractor")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.ubd")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.cloudd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.CloudKit.BehaviorOptions")
+ (preference-domain "com.apple.ubd")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.bird")
+ (preference-domain "com.apple.iCloudDriveApp")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.ubd")
+ (preference-domain "com.apple.bird")
+ (preference-domain "com.apple.iCloudDriveApp")
+ (preference-domain "com.apple.appleaccount"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-fsctl
+ (fsctl-command (_IO "h" 24))
+ (fsctl-command (_IO "h" 30))
+ (fsctl-command (_IO "h" 32))
+ (fsctl-command (_IO "h" 31)))
+(allow system-info
+ (info-type "hw.uuid"))
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.bird.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.bird.sb.xml
new file mode 100644
index 00000000..82828b2d
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.bird.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.cloudd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.cloudd.sb
new file mode 100644
index 00000000..0a47bd14
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.cloudd.sb
@@ -0,0 +1,600 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/[^/]+/[^/]+/[^/]+/Library/Caches/CloudKit" #"^/private/var/euser[0-9]+/Containers/[^/]+/[^/]+/[^/]+/Library/Caches/CloudKit")
+ (subpath-prefix "${HOME}")
+ (require-any
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension-class "com.apple.app-sandbox.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Containers/[^/]+/Data/Library/Caches/CloudKit" #"^/private/var/euser[0-9]+/Library/Containers/[^/]+/Data/Library/Caches/CloudKit")
+ (subpath-prefix "${HOME}")
+ (require-any
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension-class "com.apple.app-sandbox.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"/private/var/containers/[^/]+/[^/]+/[^/]+/Library/Caches/CloudKit" #".+/private/var/containers/[^/]+/[^/]+/[^/]+/Library/Caches/CloudKit")
+ (require-any
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension-class "com.apple.app-sandbox.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/CloudKit/[^/]+/[^/]+" #"^/private/var/euser[0-9]+/Library/Caches/CloudKit/[^/]+/[^/]+")
+ (subpath-prefix "${HOME}")
+ (require-any
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension-class "com.apple.app-sandbox.read-write"))))
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal "/private/var/db/mds/messages/se_SecurityMessages")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (mount-relative-regex #"^/[.]DocumentRevisions-V100-bad-[0-9]+$" #"^/[.]DocumentRevisions-V100-bad-[0-9]+/")
+ (subpath-prefix "${HOME}/Library/Logs/awd")
+ (literal "/Library/Preferences/com.apple.security.plist")
+ (literal "/")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (regex #"^/private/var/tmp/CKTraffic$" #"^/private/var/tmp/CKTraffic[^/]+$")
+ (mount-relative-regex #"^/[.]DocumentRevisions-V100$" #"^/[.]DocumentRevisions-V100/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/Library/Keychains/System.keychain")
+ (subpath-prefix "${HOME}/Library/Keychains")
+ (literal-prefix "${HOME}/Library/Logs/ProtectedCloudStorage.log")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (mount-relative-regex #"^/[.]TemporaryItems$" #"^/[.]TemporaryItems/")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/var/db/DetachedSignatures")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.migration.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/var/tmp$" #"^/var/tmp/" #"^/private/var/tmp$" #"^/private/var/tmp/")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Ubiquity")
+ (subpath "/usr/share")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal "/private/var/run/diagnosticd/dyld_shared_cache_x86_64")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.nsurlsessiond")
+ (literal "/private/var/logs/Ubiquity")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/CloudConfigurationDetails.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.cloudd")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/db/mds/system/mdsDirectory.db")
+ (subpath "/usr/lib")
+ (literal "/Library/Preferences/SystemConfiguration/preferences.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/CloudConfigurationDetails.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/CloudKit" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/CloudKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/CFNetwork_com[.]apple[.]cloudd_log" #"^/private/var/mobile/Library/Logs/CrashReporter/CFNetwork_com[.]apple[.]cloudd_.+log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/CFNetwork_com[.]apple[.]cloudd_.*log")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/CloudKit" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/CloudKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]cloudd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]cloudd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]cloudd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (regex #"^/var/tmp$" #"^/private/var/tmp$")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library")
+ (literal "/AppleInternal")
+ (literal "/etc")
+ (literal "/tmp")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal "/private/etc/localtime")
+ (literal "/Library/Keychains")
+ (literal "/private/var/run/systemkeychaincheck.done")
+ (literal "/Library/Logs")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (regex #"^/var$" #"^/private/var$")
+ (literal "/Library")
+ (literal "/Library/Security/Trust Settings/Admin.plist")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.cloudd")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.nsurlsessiond")
+ (regex #"^/var/tmp$" #"^/var/tmp/" #"^/private/var/tmp$" #"^/private/var/tmp/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (mount-relative-regex #"^/[.]TemporaryItems$" #"^/[.]TemporaryItems/")
+ (subpath-prefix "${HOME}/Library/Logs/awd")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Caches/CloudKit")
+ (literal "/")
+ (regex #"^/Library/Keychains/System.keychain")
+ (subpath-prefix "${HOME}/Library/Logs/Ubiquity")
+ (literal-prefix "${HOME}/Library/Caches")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (subpath-prefix "${HOME}/Library/Keychains")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (regex #"^/private/var/tmp/CKTraffic$" #"^/private/var/tmp/CKTraffic[^/]+$")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/private/var/logs/Ubiquity")
+ (literal-prefix "${HOME}/Library/Logs/ProtectedCloudStorage.log")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/CFNetwork_com[.]apple[.]cloudd_log" #"^/private/var/mobile/Library/Logs/CrashReporter/CFNetwork_com[.]apple[.]cloudd_.+log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/CFNetwork_com[.]apple[.]cloudd_.*log")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/CloudKit" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/CloudKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]cloudd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]cloudd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]cloudd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/CloudKit" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/CloudKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (require-all
+ (regex #"^/cores/")
+ (require-not (file-mode #o0000)))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))))
+(allow file-write-create
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_com.apple.cloudd")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write-xattr
+ (mount-relative-regex #"^/[.]DocumentRevisions-V100$" #"^/[.]DocumentRevisions-V100/")
+ (mount-relative-regex #"^/[.]DocumentRevisions-V100-bad-[0-9]+$" #"^/[.]DocumentRevisions-V100-bad-[0-9]+/"))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm-read-data
+ (ipc-posix-name-regex #"^/tmp/com[.]apple[.]csseed[.][0-9]+$")
+ (ipc-posix-name "FNetwork.defaultStorageSession")
+ (ipc-posix-name "com.apple.AppleDatabaseChanged"))
+(allow ipc-posix-shm-write-data
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name "com.apple.AppleDatabaseChanged"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.coreservices.quarantine-resolver")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.datamigrator")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.system.DirectoryService.libinfo_v1")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.SecurityServer")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.fairplayd")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.AssetCacheLocatorService")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.windowserver.active")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote tcp "*:*")
+ (literal "/private/var/run/mDNSResponder")
+ (literal "/private/var/run/syslog")
+ (literal "/private/var/run/asl_input")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.CloudKit.BehaviorOptions")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "com.apple.cloudd")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.migration")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "com.apple.cloudd")
+ (preference-domain "com.apple.CloudKit.BehaviorOptions")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.cloudd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.cloudd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.cloudd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.datadetectors.AddToRecentsService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.datadetectors.AddToRecentsService.sb
new file mode 100644
index 00000000..63d6d8ff
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.datadetectors.AddToRecentsService.sb
@@ -0,0 +1,210 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Bundle")
+ (subpath "/Applications")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilephone.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.sandbox.executable")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.message.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.message")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.mobilephone")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
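Review bot: In the `file-read*` rule, the `require-all` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` can never match, because a vnode has exactly one type. As written, the `/private/etc/hosts`, `/private/etc/passwd` and CoreDuet entries nested under it read as unreachable. The com.apple.cloudd.sb reference earlier in this diff writes the same guard negated, as `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, so the negation was presumably dropped during reversal here. Since this file is a test reference, committing it would pin that output as expected and understate the readable file surface for anyone auditing the profile. I would confirm against the compiled profile and regenerate the reference once the reverser emits the `require-not` form, rather than hand-editing it. The `system-group` blocks, which flatten two entitlements and a repeated regex into one `require-any`, deserve the same check.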
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.datadetectors.AddToRecentsService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.datadetectors.AddToRecentsService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.datadetectors.AddToRecentsService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.homed.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.homed.sb
new file mode 100644
index 00000000..f99f488e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.homed.sb
@@ -0,0 +1,724 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write"))))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath-prefix "${HOME}/Library/HomeConfiguration")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (subpath-prefix "${HOME}/Library/homed")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (subpath "/System/Library")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homed.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-homed.log")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]homed" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]homed" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]homed")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/HomeKit" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/HomeKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (literal-prefix "${HOME}/Library")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Mobile Documents")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-homed.log")
+ (subpath-prefix "${HOME}/Library/HomeConfiguration")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homed.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath-prefix "${HOME}/Library/homed")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]homed" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]homed" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]homed")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/HomeKit" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/HomeKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]homed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.corefollowup.agent")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.server.bluetooth.le.att.xpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.wirelessproxd")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.coreduetd.knowledge")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.cloudd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.homed")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.homed"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.homed.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.homed.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.homed.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nehelper.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nehelper.sb
new file mode 100644
index 00000000..86468d4b
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nehelper.sb
@@ -0,0 +1,491 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/root/Library/Caches/nehelper/" #"^/private/var/root/Library/Caches/nehelper$"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/private/var/root/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/root/Library/Caches/nehelper/" #"^/private/var/root/Library/Caches/nehelper$"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/root/Library/Caches/nehelper/" #"^/private/var/root/Library/Caches/nehelper$"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath "/private/var/root/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/Applications")
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (regex #"^/private/var/preferences/SystemConfiguration/VPN-[^/]+[.]plist")
+ (literal "/usr/local/bin/network_test")
+ (literal "/dev/random")
+ (literal "/dev/ptmx")
+ (subpath "/usr/libexec")
+ (subpath "/private/var/root/Library/Cookies")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/preferences/com[.]apple[.]networkextension[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]necp[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]control[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]cache[.]plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/usr/share")
+ (regex #"^/private/var/root/Library/Caches/nehelper/" #"^/private/var/root/Library/Caches/nehelper$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Bundle/Application")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/CloudConfigurationDetails.plist")
+ (subpath "/usr/sbin")
+ (subpath "/Developer")
+ (regex #"^/private/var/preferences/SystemConfiguration/preferences[.]plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/CloudConfigurationDetails.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/root/Library/Caches")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/preferences/SystemConfiguration/VPN-[^/]+[.]plist")
+ (regex #"^/private/var/root/Library/Caches/nehelper/" #"^/private/var/root/Library/Caches/nehelper$")
+ (regex #"^/private/var/preferences/com[.]apple[.]networkextension[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]necp[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]control[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]cache[.]plist")
+ (regex #"^/private/var/preferences/SystemConfiguration/preferences[.]plist")
+ (subpath "/private/var/root/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nehelper$")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.networking.captivenetworksupport")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.CoreAuthentication.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow mach-register
+ (global-name "com.apple.nehelper")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network*
+ (local udp "*:500")
+ (local udp "*:4500")
+ (literal "/private/var/run/racoon.sock"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote udp "*:*")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.net.utun_control")
+ (literal "/private/var/run/syslog")
+ (control-name "com.apple.network.statistics")
+ (remote tcp "*:*")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.content-filter")
+ (control-name "com.apple.flow-divert")
+ (control-name "com.apple.net.necp_control")
+ (control-name "com.apple.net.ipsec_control"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl*
+ (sysctl-name-regex #"^net[.]inet[.]ipsec[.].+")
+ (sysctl-name-regex #"^net[.]necp[.].+"))
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket)
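Review bot: The `file-read*` clause `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any (literal "/private/etc/hosts") …))` can never match as written, because a vnode has only one type, and the `file-write*` clause guarding `interactionC.db-journal` has the same shape. This looks like a reconstruction artifact of the decompiler (possibly negations that were dropped; the original profile is not visible here), and checking it in as a reference makes the test assert that output as correct. Anyone reading this file to judge what nehelper can reach would misjudge those rules. The same file also repeats identical `regex` filters in `file-issue-extension` and lists `process-info*` and `nvram*` alongside each of their sub-operations, which is harmless but suggests the output is not normalised. I would either fix the reconstruction and regenerate the references, or state next to them (a README in `references/`, so the byte comparison is unaffected) that they are snapshots of tool output and not authoritative policy, for example `rev_profiles/*.sb are reverse-sandbox output snapshots; conjunctions of two vnode-type filters are a known reconstruction artifact`.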
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nehelper.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nehelper.sb.xml
new file mode 100644
index 00000000..c8ed3bf5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nehelper.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nesessionmanager.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nesessionmanager.sb
new file mode 100644
index 00000000..3c3cae9c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nesessionmanager.sb
@@ -0,0 +1,466 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/root/Library/Caches/nesessionmanager/" #"^/private/var/root/Library/Caches/nesessionmanager$"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/root/Library/Caches/nesessionmanager/" #"^/private/var/root/Library/Caches/nesessionmanager$"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/root/Library/Caches/nesessionmanager/" #"^/private/var/root/Library/Caches/nesessionmanager$"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (regex #"^/private/var/preferences/SystemConfiguration/VPN-[^/]+[.]plist")
+ (literal "/dev/random")
+ (subpath "/usr/libexec")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal "/private/var/run/racoon.pid")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.networkextension.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/preferences/com[.]apple[.]networkextension[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]necp[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]control[.]plist" #"^/private/var/preferences/com[.]apple[.]networkextension[.]cache[.]plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (regex #"^/private/var/root/Library/Caches/nesessionmanager/" #"^/private/var/root/Library/Caches/nesessionmanager$")
+ (subpath "/private/etc/ppp")
+ (subpath "/usr/sbin")
+ (subpath "/private/var/containers/Bundle/VPNPlugin")
+ (regex #"^/private/var/preferences/SystemConfiguration/preferences[.]plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (subpath "/private/var/run/racoon")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (regex #"^/private/var/run/ppp[0-9]+[.]pid$")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/root/Library/Caches")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/run/racoon")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/private/var/log/ppp.log")
+ (regex #"^/private/var/preferences/SystemConfiguration/preferences[.]plist")
+ (subpath "/private/var/tmp")
+ (regex #"^/private/var/preferences/SystemConfiguration/VPN-[^/]+[.]plist")
+ (regex #"^/private/var/root/Library/Caches/nesessionmanager/" #"^/private/var/root/Library/Caches/nesessionmanager$")
+ (regex #"^/private/var/run/ppp[0-9]+[.]pid$")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/nesessionmanager$")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.UNCUserNotification")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.symptom_analytics")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.neagent")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network*)
+(allow network-inbound)
+(allow network-bind)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.networkextension")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-exec*
+ (literal "/usr/sbin/pppd"))
+(allow process-fork)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl*
+ (sysctl-name "net.key.natt_keepalive_interval"))
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nesessionmanager.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nesessionmanager.sb.xml
new file mode 100644
index 00000000..aa4f26ab
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.nesessionmanager.sb.xml
@@ -0,0 +1,46 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.quicklook.QLThumbnailsService.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.quicklook.QLThumbnailsService.sb
new file mode 100644
index 00000000..3a766d1c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.quicklook.QLThumbnailsService.sb
@@ -0,0 +1,466 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.quicklook.readonly")
+ (extension-class "com.apple.mediaserverd.read")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db")
+ (literal "/dev/random")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db-shm")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.quicklook.readonly")
+ (subpath "/Developer")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db-wal")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db-journal")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (subpath-prefix "${HOME}/Media")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Application Support/Documents" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Application Support/Documents")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db-shm")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db-wal")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db")
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db-journal")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Application Support/Quick Look/cloudthumbnails.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ctkd.token-client")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.corevideo")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-fsctl
+ (fsctl-command (_IO "h" 31)))
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.quicklook.QLThumbnailsService.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.quicklook.QLThumbnailsService.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.quicklook.QLThumbnailsService.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.rtcreportingd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.rtcreportingd.sb
new file mode 100644
index 00000000..1a731fe5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.rtcreportingd.sb
@@ -0,0 +1,494 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/rtcreportingd/" #"^/private/var/mobile/Library/Caches/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/rtcreportingd/" #"^/private/var/mobile/Library/Caches/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/rtcreportingd/" #"^/private/var/mobile/Library/Caches/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/Retired/rtcreportingd_")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/rtcreportingd.plist")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VideoConference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.rtcreporting.plist")
+ (literal "/dev/random")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-rtcreportingd.log")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.timed.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.rtcreporting.upload")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/rtcreportingd")
+ (literal "/usr/libexec/rtcreportingd")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/rtcreportingd/" #"^/private/var/mobile/Library/Caches/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-data
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/Retired"))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/Retired")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/Retired"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/Retired/rtcreportingd_")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/rtcreportingd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/rtcreportingd.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-rtcreportingd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.rtcreporting.plist")
+ (subpath "/private/var/tmp")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/rtcreportingd/" #"^/private/var/mobile/Library/Caches/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/rtcreportingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/Retired"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (extension "com.apple.rtcreporting.upload")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.powerlogd")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "rtcreportingd")
+ (preference-domain "com.apple.timed")
+ (preference-domain "com.apple.VideoConference")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.rtcreporting")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.rtcreporting")
+ (preference-domain "rtcreportingd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
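Review bot: In the `file-read*` rule, the `require-all` that lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` cannot be satisfied by any single vnode. As written, the nested `require-any` holding the `/private/etc/*` literals and the CoreDuet paths can never match; the same pair sits in a `require-all` under `file-write*`. This is probably an artefact of how the filter graph was reconstructed (perhaps a negated or alternative node) rather than the real policy, and committing it as a reference makes the test pin that output. The `require-any` blocks under `com.apple.sandbox.system-group` look similarly flattened, listing entitlement, regex, entitlement, regex with the same regex twice. If the reference has to be frozen as is, record the limitation beside it, e.g. `known inaccuracy: BLOCK-DEVICE + CHARACTER-DEVICE under require-all is unsatisfiable; do not read as effective policy`, so nobody treats these rules as the daemon's actual permissions.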
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.rtcreportingd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.rtcreportingd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.rtcreportingd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.sandboxd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.sandboxd.sb
new file mode 100644
index 00000000..a9984379
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.sandboxd.sb
@@ -0,0 +1,67 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/dtracehelper"))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*)
+(allow file-read-data)
+(allow file-read-metadata)
+(allow file-read-xattr)
+(allow file-write*
+ (extension "com.apple.sandbox.system-group")
+ (subpath "/private/var/tmp")
+ (regex #"^/private/var/logs/CrashReporter/Sandbox-.+[.]ips" #"^/private/var/logs/CrashReporter/[.]Sandbox-.+[.]ips")
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/Sandbox-.+[.]ips" #"^/private/var/mobile/Library/Logs/CrashReporter/[.]Sandbox-.+[.]ips")
+ (require-all
+ (regex #"^/cores/")
+ (require-not (file-mode #o0000))))
+(allow file-write-data
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero"))
+(allow iokit-open
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm*
+ (ipc-posix-name "apple.shm.notification_center"))
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.system.DirectoryService.libinfo_v1")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.system.libinfo.muser")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coresymbolicationd"))
+(allow network*
+ (regex #"^/private/var/tmp/sandbox[.]"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (regex #"^/private/tmp/[.]webdavUDS[.][^/]+$")
+ (literal "/private/var/run/asl_input"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.sandboxd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.sandboxd.sb.xml
new file mode 100644
index 00000000..3cfb47db
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.sandboxd.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.siri.ClientFlow.ClientScripter.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.siri.ClientFlow.ClientScripter.sb
new file mode 100644
index 00000000..943abf2e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.siri.ClientFlow.ClientScripter.sb
@@ -0,0 +1,207 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/Assistant")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.siri.ClientFlow.ClientScripter.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.logging.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/Assistant")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.siri.ClientFlow.ClientScripter.plist")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.assistant.logging")
+ (preference-domain "com.apple.siri.ClientFlow.ClientScripter")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.siri.ClientFlow.ClientScripter"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
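Review bot: The expected output pins a filter that cannot match as written: in the `file-read*` rule a `require-all` combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` ahead of the `/private/etc/...` literals, and the `file-write*` rule repeats the pair in front of the `interactionC.db-journal` path. A vnode has a single type, so this looks like a lost negation or an any/all mix-up in the reversed output rather than the shipped policy, although the hunk alone cannot confirm which. If the tests compare against these files they assert the artefact, and a reader using the profile to judge what the service may read or write gets the wrong answer for those paths. The same pair is in com.apple.snhelper.sb and in the visible part of com.apple.tccd.sb. I would record it beside the fixtures, for example `Known limitation: require-all over two vnode-type filters in rev_profiles is unverified decompiler output, not confirmed against the original profile.`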
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.siri.ClientFlow.ClientScripter.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.siri.ClientFlow.ClientScripter.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.siri.ClientFlow.ClientScripter.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.snhelper.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.snhelper.sb
new file mode 100644
index 00000000..7203d9c9
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.snhelper.sb
@@ -0,0 +1,139 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/var/mobile/Library/Caches")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-register
+ (global-name "com.apple.snhelper")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.snhelper.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.snhelper.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.snhelper.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tccd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tccd.sb
new file mode 100644
index 00000000..0084590a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tccd.sb
@@ -0,0 +1,450 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class-regex #"^com[.]apple[.]tcc[.]")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-tccd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.companionsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/null")
+ (literal "/dev/random")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/aes_0")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]tccd[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]tccd[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]tccd[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-tccd.log")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (subpath-prefix "${HOME}/Library/TCC")
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (subpath "/private/var/tmp/com.apple.tccd")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]tccd[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]tccd[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]tccd[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-owner
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.appconduitd.device-connection")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.backboard.systemservices")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.companionappd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.companionsync")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tccd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tccd.sb.xml
new file mode 100644
index 00000000..14606502
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tccd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tzlinkd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tzlinkd.sb
new file mode 100644
index 00000000..c05eaded
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tzlinkd.sb
@@ -0,0 +1,140 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write-create
+ (literal "/private/var/db/timezone/localtime")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-unlink
+ (literal "/private/var/db/timezone/localtime")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
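Review bot: In the `file-read*` rule, the clause `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any (literal "/private/etc/hosts") …` can never match as written, because a vnode has exactly one type, so that branch grants nothing if read literally. This looks like an artefact of the reversal rather than the shipped policy (possibly a dropped negation; confirm against the binary profile), and checking it in as a reference makes the test assert that output. The same pattern appears in the com.apple.tccd.sb and com.apple.ubd.sb references in this commit. I would record this beside the references, for example with a README line `rev_profiles/ holds current tool output for regression comparison, not verified policy`, so that nobody reads these files as an accurate statement of what the sandbox allows.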
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tzlinkd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tzlinkd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.tzlinkd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.ubd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.ubd.sb
new file mode 100644
index 00000000..ab9d58d6
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.ubd.sb
@@ -0,0 +1,527 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension-class "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Ubiquity")
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity")
+ (literal "/")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ubd.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Library/Mobile Documents")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${HOME}/Library/processed-Mobile Documents.delete")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-ubd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${HOME}/Library/Application Support")
+ (literal-prefix "${HOME}/Library")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/usr/share")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bird.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Collections")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mmcs.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.mobilegestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/ubiquity[.]log" #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/ubiquity.+[.]log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/ubiquity.*[.]log")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]ubd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]ubd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]ubd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-data
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Collections")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Mobile Documents")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-ubd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ubd.plist")
+ (literal-prefix "${HOME}/Library/Application Support")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Ubiquity")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${HOME}/Library/processed-Mobile Documents.delete")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mmcs.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/ubiquity[.]log" #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/ubiquity.+[.]log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/ubiquity.*[.]log")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]ubd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]ubd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]ubd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]ubd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]ubd$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.absd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.absinthed")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.coreservices.appleid.authentication")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (remote tcp "*:*")
+ (literal "/private/var/run/syslog")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.ubd")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.bird")
+ (preference-domain "com.apple.mmcs")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.ubd")
+ (preference-domain "com.apple.mmcs"))
+(allow process-exec*
+ (literal "/System/Library/PrivateFrameworks/Ubiquity.framework/Versions/A/Support/ubd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl*)
+(allow sysctl-read)
+(allow sysctl-write)
+(allow system-fsctl
+ (fsctl-command (_IO "h" 24))
+ (fsctl-command (_IO "h" 30)))
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.ubd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.ubd.sb.xml
new file mode 100644
index 00000000..f9ff07cc
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/com.apple.ubd.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/container.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/container.sb
new file mode 100644
index 00000000..8e41b0f9
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/container.sb
@@ -0,0 +1,3520 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.iTunesStore.NSURLCache")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mail")
+ (extension-class "com.apple.mediaserverd.read")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Books")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Library/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioRequestURLCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioImageCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioImageCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioRequestURLCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Library/ReplayKit")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ReplayKit.RPVideoEditorExtension")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.iTunesStore.NSURLCache")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioRequestURLCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioImageCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Podcasts")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.iTunesStore.NSURLCache")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webapp"))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}")))
+(allow file-map-executable)
+(allow file-read*
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/System/Library")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (subpath "/Developer")
+ (subpath "/usr/share")
+ (subpath "/usr/lib")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.iTunesStore.NSURLCache")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.system.get-wallpaper")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]mobilemail" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]mobilemail" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]mobilemail")
+ (subpath-prefix "${FRONT_USER_HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Books")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/OriginalLockVideo.mov")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/HomeBackground.cpbitmap")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices/AppPurchaseHistory.6.sqlitedb-journal")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Safari")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/OriginalHomeVideo.mov")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.wifi.plist")
+ (require-entitlement "platform-application"))
+ (require-all
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.AOSNotification.launchd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webapp"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/SMS")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath "/Library/Application Support/Mail/Plugins")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "platform-application"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/DataAccess")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/LockBackgroundThumbnail.jpg")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMail$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMail/" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMail|PairedSyncServiceRestrictions)$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMail|PairedSyncServiceRestrictions)/")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/CloudConfigurationDetails.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.Maps")
+ (entitlement-value "com.apple.SafariViewService")
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webapp"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/DataAccess")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (require-entitlement "com.apple.media.ringtones.read-write"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/LockVideo.mov")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices/AppPurchaseHistory.6.sqlitedb-shm")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webapp"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/HomeBackgroundThumbnail.jpg")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices/AppPurchaseHistory.6.sqlitedb")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/.LockBackground.cpbitmap")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (regex #"^/private/var/containers/Bundle/[^/]+/[-0-9A-Z]+/GeoJSON")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Safari")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-any
+ (require-entitlement "com.apple.media.ringtones.read-only")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))
+ (require-entitlement "com.apple.security.exception.carrier-bundle.read")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))
+ (require-entitlement "com.apple.media.ringtones.read-only")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal "/System/Library/PairedSyncServices/com.apple.pairedsync.mail.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/LockBackground.cpbitmap")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices/AppPurchaseHistory.6.sqlitedb-wal")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Logs/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Podcasts")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.system.set-alert-tone"))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (require-entitlement "com.apple.media.ringtones.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Notes")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/.HomeBackground.cpbitmap")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (require-entitlement "com.apple.media.ringtones.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioRequestURLCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (require-not (regex #"^/private/var/mobile/Library/Preferences/com.apple.apsalerts.plist" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.apsalerts.plist"))
+ (require-any
+ (subpath "/AppleInternal")
+ (subpath "/Applications")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Artwork")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (subpath "/Library/Ringtones")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (subpath "/Library/Dictionaries")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/null")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/dev/dtracehelper")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/GameKit/Data/[^/]+.gcdata$" #"^/private/var/euser[0-9]+/Library/GameKit/Data/[^/]+.gcdata$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))))
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.objectcreation.lock")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/SpringBoard/HomeVideo.mov")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))
+ (require-entitlement "com.apple.media.ringtones.read-only")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]stocks[.]bridge$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]stocks[.]bridge$")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.AutoWake.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.iCloudDriveApp")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Preferences/com.apple.restrictionspassword.plist" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.restrictionspassword.plist")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.WebContentFilter.remoteUI.WebContentAnalysisUI")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.sharedstore.lock")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/CloudConfigurationDetails.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.Maps")
+ (entitlement-value "com.apple.SafariViewService")
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webapp"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]NanoMail" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]NanoMail")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))
+ (require-entitlement "com.apple.media.ringtones.read-only")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioImageCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision")))
+(allow file-read-data
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library")
+ (literal "/private/var")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/printd")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/GameKit/Data")
+ (literal-prefix "${HOME}/Media")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")
+ (literal-prefix "${HOME}/Library/Mobile Documents")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}")
+ (vnode-type SYMLINK)
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "platform-application"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-any
+ (require-entitlement "com.apple.media.ringtones.read-only")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.system.set-alert-tone"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "platform-application"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/sharedCaches")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.system.set-alert-tone"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.iCloudDriveApp")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/sharedCaches")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/sharedCaches")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-any
+ (require-entitlement "com.apple.media.ringtones.read-only")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.system.get-wallpaper")))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/sharedCaches")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.iCloudDriveApp")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (require-all
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2"))))
+(allow file-write*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.iTunesStore.NSURLCache")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (require-entitlement "com.apple.media.ringtones.read-write"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Books")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtube.dp.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices/AppPurchaseHistory.6.sqlitedb-journal")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.OTASyncState.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-shm")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (require-entitlement "com.apple.media.ringtones.read-write"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]mobilemail" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]mobilemail" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]mobilemail")
+ (subpath-prefix "${FRONT_USER_HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mail.composition.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioRequestURLCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.sharedstore.lock")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.objectcreation.lock")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-journal")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.internal.Voltaire.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Logs/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (require-entitlement "com.apple.media.ringtones.read-write"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (extension "com.apple.app-sandbox.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.OTASyncAgent.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webapp"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoMailKit.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Notes")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Preferences/com.apple.restrictionspassword.plist" #"^/private/var/euser[0-9]+/Library/Preferences/com.apple.restrictionspassword.plist")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.WebContentFilter.remoteUI.WebContentAnalysisUI")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMail$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMail/" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMail|PairedSyncServiceRestrictions)$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMail|PairedSyncServiceRestrictions)/")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MailAccount-ExtProperties.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.skyhookwireless.wps.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (require-entitlement "com.apple.system.set-alert-tone"))
+ (require-all
+ (regex #"^/private/var/containers/Bundle/[^/]+/[-0-9A-Z]+/GeoJSON")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cloud.quota.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cloud.quota.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.iCloudDriveApp")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Safari")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes")
+ (entitlement-value "com.apple.safarifetcherd")
+ (entitlement-value "com.apple.Safari.SocialHelper"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/SMS")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Cookies")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches/com.apple.Radio.RadioImageCache")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb-wal")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/iTunes_Control")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GMM.plist")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/DataAccess")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Cookies")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]NanoMail" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]NanoMail")
+ (subpath-prefix "${HOME}")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilemail")
+ (entitlement-value "com.apple.mobilenotes"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (require-all
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/com.apple.iTunesStore/LocalStorage")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.AOSNotification.launchd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/sharedCaches")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/sharedCaches")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Caches/com.apple.storeservices/AppPurchaseHistory.6.sqlitedb")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.ios.StoreKitUIService")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Cookies/com.apple.itunesstored.2.sqlitedb")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (subpath-prefix "${HOME}/Media/Podcasts")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.AOSNotification.launchd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2"))))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOHIDLibUserClient")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (require-all
+ (iokit-user-client-class "RootDomainUserClient")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (iokit-user-client-class "com_apple_driver_FairPlayIOKitUserClient")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2"))))
+(allow iokit-get-properties
+ (iokit-property "compass-calibration")
+ (iokit-property "gyro-interrupt-calibration")
+ (require-not (iokit-property-regex #"-mac-address" #"mac-address-" #".+-mac-address" #".+mac-address-"))
+ (require-entitlement "com.apple.system.get-hardware-identifiers")
+ (require-entitlement "fairplay-client")
+ (require-not (require-entitlement "com.apple.private.MobileGestalt.AllowedProtectedKeys"))
+ (require-entitlement "com.apple.wifi.manager-access"))
+(allow ipc-posix-sem
+ (semaphore-owner self)
+ (extension "com.apple.sandbox.application-group"))
+(allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^stack-logs")
+ (ipc-posix-name-regex #"^OA-")
+ (extension "com.apple.sandbox.application-group")
+ (ipc-posix-name-regex #"^/FSM-"))
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]")
+ (ipc-posix-name "apple.shm.notification_center")
+ (ipc-posix-name-regex #"^Apple MIDI in [0-9]+$" #"^Apple MIDI out [0-9]+$")
+ (require-all
+ (ipc-posix-name-regex #"^AppleABL[.]." #"^AppleABL[.].+")
+ (require-entitlement "inter-app-audio")))
+(allow ipc-posix-shm-write-create
+ (ipc-posix-name-regex #"^/mono[.][0-9]+$"))
+(allow ipc-posix-shm-write-data
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name-regex #"^Apple MIDI in [0-9]+$" #"^Apple MIDI out [0-9]+$")
+ (require-all
+ (ipc-posix-name-regex #"^AppleABL[.]." #"^AppleABL[.].+")
+ (require-entitlement "inter-app-audio")))
+(allow ipc-posix-shm-write-unlink
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.voip")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.imagent.embedded.auth")
+ (global-name "com.apple.appleprofilepolicyd")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.imavagent.embedded.auth")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.iTunesStore.daemon")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.calaccessd.xpc")
+ (global-name "com.apple.watchconnectivity.complication")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.mobileipod.MPMusicPlayerMigServerExists")
+ (global-name "com.apple.iapd")
+ (global-name "com.apple.coremedia.videoqueue")
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.AdSheetPhone.server")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.gamed")
+ (global-name "com.apple.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.CoreAuthentication.daemon")
+ (global-name "com.apple.coremedia.wirelessdisplayserver")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.mobileipod.MPMusicPlayerMigServer")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.cloudd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.accountsd.oauthsigner")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.commcenter.dm-helper")
+ (global-name "com.apple.notificationcenter.widgetcontrollerconnection")
+ (global-name "com.apple.videoconference.camera")
+ (global-name "com.apple.wcd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.voiceservices.keepalive")
+ (global-name "com.apple.Music.MPMusicPlayerControllerInternal")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.wapi.client")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.iaptransportd")
+ (global-name "com.apple.coreservices.appleid.authentication")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.midiserver.io")
+ (global-name "com.apple.Music.MPMusicPlayerMigServerExists")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.springboard.blockableservices")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.telephonyutilities.remotelogdaemon")
+ (global-name "com.apple.homed.xpc")
+ (global-name "com.apple.server.bluetooth.le.pipe.xpc")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.diagnosticd")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.cvmsCompAgent_armv7")
+ (global-name "com.apple.Music.MPMusicPlayerMigServer")
+ (global-name "com.apple.certui.relay")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.weibod.server")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.server.bluetooth.le.att.xpc")
+ (global-name "com.apple.webfilterd")
+ (global-name "com.apple.gizmoappd")
+ (global-name "com.apple.passd.assertions")
+ (global-name "com.apple.backboard.watchdog")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.ReportCrash")
+ (global-name "com.apple.atc")
+ (extension "com.apple.sandbox.application-group")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.dataaccess.dataaccessd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.backboard.workspaceserverconnection")
+ (global-name "com.apple.scrod")
+ (global-name "com.apple.syncdefaultsd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.TextInput.rdt")
+ (global-name "com.apple.coremedia.mutablecomposition")
+ (global-name "com.apple.MobileInternetSharing")
+ (global-name "com.apple.testmanagerd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.assetsd.notificationServer")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.coremedia.decompressionsession")
+ (global-name "com.apple.MobileFileIntegrity")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.twitterd.server")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.prdaily")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.iaptransportd.xpc")
+ (global-name "com.apple.mediastream.sharing")
+ (global-name "com.apple.audio.AudioConverterServer")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.springboard.watchdogserver")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.accountsd.authmanager")
+ (global-name "com.apple.audio.AudioUnitServer")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.AdSheetPad.server")
+ (global-name "com.apple.ondemandd.client")
+ (global-name "com.apple.dataaccess.dataaccessd.active")
+ (global-name "com.apple.ReportCrash.StackShot")
+ (global-name "com.apple.mDNSResponder")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.springboard.remotenotifications")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name "com.apple.audio.AudioFileServer")
+ (global-name "com.apple.networking.captivenetworksupport")
+ (global-name "com.apple.iap2d.distributednotification.server")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.iapauthd.xpc")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.coremedia.formatreader")
+ (global-name "com.apple.springboard.icongeneration")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "PurplePPTServer")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.assertiond.extension")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.mobilemail.services.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.midiserver")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.videoconference.avconference")
+ (global-name "com.apple.iap2d.xpc")
+ (global-name "com.apple.assetsd.messagingServer")
+ (global-name "com.apple.NPKCompanionAgent.library")
+ (global-name "com.apple.managedconfiguration.mdmdpush-prod")
+ (global-name "com.apple.coremedia.cpeprotector")
+ (global-name "com.apple.MobileAccessoryUpdater")
+ (global-name "com.apple.iap2d")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.itdbprep.server")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.healthd.server")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.springboard")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.airplay.sender.xpc")
+ (global-name "com.apple.coremedia.wirelessdisplay")
+ (global-name "com.apple.uikit.GestureServer")
+ (global-name "com.apple.gamecenter")
+ (global-name "com.apple.fairplayd")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.iapd.distributednotification.server")
+ (global-name "com.apple.mediastream.sharing-nowake")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.datamigrator.dz")
+ (global-name "com.apple.managedconfiguration.mdmdpush-dev")
+ (global-name "com.apple.coremedia.compressionsession")
+ (global-name "com.apple.accountsd.accessmanager")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.safarifetcherd")
+ (global-name "com.apple.vibrationmanagerd")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.distributed_notifications@0v3")
+ (global-name "com.apple.VoiceOverTouch")
+ (global-name "com.apple.managedconfiguration.mdmdservice")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.mobile.softwareupdated")
+ (global-name "com.apple.coremedia.audioprocessingtap")
+ (global-name "com.apple.iTunesStore.daemon.notifications.public")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.vsassetd")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.gamed.note")
+ (global-name "com.apple.WebBookmarks.webbookmarksd")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.iapd.xpc")
+ (global-name "com.apple.medialibraryd.xpc")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.iTunesStore.daemon.deatchwatch")
+ (global-name "com.apple.springboard.alerts")
+ (global-name "com.apple.passd.library")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.backboard.checkin")
+ (global-name "ScripterServer")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.coremedia.audiodeviceclock")
+ (global-name "com.apple.clouddbd")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.assetsd.keepDaemonAlive")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.MediaControl.daemon")
+ (global-name "com.apple.iTunesStore.daemon-notifications")
+ (global-name "com.apple.springboard.UIKit.migserver")
+ (global-name "com.apple.iTunesStore.daemon.public")
+ (global-name "com.apple.instruments.server.mig")
+ (global-name "com.apple.ReportCrash.SafetyNet")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.healthd.restriction")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.iaptransportd.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.iap2d.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.mobileipod.MPMusicPlayerControllerInternal")
+ (global-name "com.apple.coresymbolicationd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.mDNSResponderHelper")
+ (global-name "com.apple.GameController.gamecontrollerd")
+ (global-name "com.apple.sandboxd")
+ (global-name "com.apple.VoiceOverTouch.xpc")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.ReportCrash.Jetsam")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.ait.client")
+ (global-name "com.apple.coremedia.cpe")
+ (global-name "com.apple.commcenter.mobile-helper")
+ (global-name "com.apple.bypassBasebandAutoBooter.msgport")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.passd.in-app-payment")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.ReportCrash.DirectoryService")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.iapauthd")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.rtcreportingd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (global-name "com.apple.mobilemail")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.siri.vocabularyupdates")
+ (require-entitlement "com.apple.siri.synapse"))
+ (require-all
+ (global-name "com.apple.parsec.subscriptionservice.internal")
+ (require-entitlement "com.apple.private.subscriptionservice.internal"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.bulletinboard.observerconnection")
+ (require-entitlement "com.apple.bulletinboard.observer"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.FileCoordination")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (require-entitlement "platform-application"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.assistant.analytics")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (global-name "com.apple.lskdd")
+ (require-entitlement "platform-application"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")))
+ (require-all
+ (global-name "com.apple.adid")
+ (require-entitlement "adi-client"
+ (entitlement-value-regex #".+")))
+ (require-all
+ (global-name "com.apple.coreduetd")
+ (require-entitlement "com.apple.coreduetd.allow"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.cache_delete")
+ (require-any
+ (require-entitlement "com.apple.mobile.deleted.AllowFreeSpace")
+ (require-entitlement "com.apple.private.CacheDelete")))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.bulletinboard.utilitiesconnection")
+ (require-entitlement "com.apple.bulletinboard.utilities"))
+ (require-all
+ (global-name "com.apple.backupd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.coreduetd")
+ (require-entitlement "platform-application"))
+ (require-all
+ (global-name "com.apple.nanoprefsync")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (global-name "com.apple.parsec.subscriptionservice")
+ (require-entitlement "com.apple.smoot.subscriptionservice"))
+ (require-all
+ (global-name "com.apple.Maps.SpringBoard")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (local-name "com.apple.iphone.axserver")
+ (require-entitlement "com.apple.accessibility.api"))
+ (require-all
+ (global-name "com.apple.absd")
+ (require-entitlement "abs-client"
+ (entitlement-value-regex #".+")))
+ (require-all
+ (global-name "com.apple.suggestd.events")
+ (require-entitlement "com.apple.private.suggestions"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.mobilestoredemod")
+ (require-entitlement "com.apple.private.mobilestoredemo.enabledemo"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.bulletinboard.settingsconnection")
+ (require-entitlement "com.apple.bulletinboard.settings"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.harvestd.manager")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.icfcallserver")
+ (require-entitlement "com.apple.private.icfcallserver"))
+ (require-all
+ (global-name "com.apple.familycircle.agent")
+ (require-entitlement "com.apple.private.familycircle"))
+ (require-all
+ (global-name "com.apple.bulletinboard.systemstateconnection")
+ (require-entitlement "com.apple.bulletinboard.systemstate"))
+ (require-all
+ (global-name "com.apple.biometrickitd")
+ (require-entitlement "com.apple.private.bmk.allow"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.nanomaps.xpc.Maps")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")))
+ (require-all
+ (global-name "com.apple.safarifetcherd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (global-name "com.apple.absd")
+ (require-entitlement "absinthe-client"
+ (entitlement-value-regex #".+")))
+ (require-all
+ (global-name "com.apple.routined.registration")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.routined.registration")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.suggestd.mail")
+ (require-entitlement "com.apple.private.suggestions"))
+ (require-all
+ (global-name "com.apple.AOSNotification")
+ (require-entitlement "com.apple.aosnotification.aosnotifyd-access"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.allow"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.suggestd.contacts")
+ (require-entitlement "com.apple.private.suggestions"))
+ (require-all
+ (global-name "com.apple.mobilesafari-settings")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.WebSheet")))
+ (require-all
+ (global-name "com.apple.absinthed")
+ (require-entitlement "absinthe-client"
+ (entitlement-value-regex #".+")))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.medialibraryd.xpc")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (global-name "com.apple.spotlight.SearchAgent")
+ (require-entitlement "com.apple.spotlight.search"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.FileCoordination")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (global-name "com.apple.managedconfiguration.profiled")
+ (require-entitlement "com.apple.managedconfiguration.profiled-access"))
+ (require-all
+ (global-name "com.apple.nanoprefsync")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.suggestd.suggestionmanager")
+ (require-entitlement "com.apple.private.suggestions"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.suggestd.spotlight")
+ (require-entitlement "com.apple.private.suggestions"))
+ (require-all
+ (global-name "com.apple.unfreed")
+ (require-entitlement "platform-application"))
+ (require-all
+ (global-name "com.apple.Maps.mapspushd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.WebContentFilter.remoteUI.WebContentAnalysisUI")))
+ (require-all
+ (global-name "com.apple.bulletindistributord.server")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (global-name "com.apple.replayd")
+ (require-not (process-attribute is-plugin)))
+ (require-all
+ (global-name "com.apple.aps.alertprovider.xpc")
+ (require-entitlement "platform-application"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (require-entitlement "platform-application"))
+ (require-all
+ (global-name "com.apple.icloud.findmydeviced")
+ (require-any
+ (require-entitlement "com.apple.aosnotification.aosnotifyd-access")
+ (require-entitlement "com.apple.icloud.findmydeviced.access")))
+ (require-all
+ (global-name "com.apple.SystemConfiguration.PPPController-priv")
+ (require-entitlement "com.apple.networking.vpn.configuration"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-register
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (require-not (global-name-regex #"-idswake$" #".+-idswake$"))
+ (require-any
+ (local-name "com.apple.accessibility.gax.client")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (extension "com.apple.sandbox.application-group")
+ (local-name "com.apple.iphone.axserver")
+ (require-all
+ (global-name "com.apple.Music.MPMusicPlayerMigServerExists")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))
+ (require-all
+ (global-name "com.apple.Music.MPMusicPlayerControllerInternal")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Music")))))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound
+ (local ip "*:*")
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (require-all
+ (require-not (remote tcp "localhost:22"))
+ (require-not (remote tcp "localhost:23"))
+ (require-not (remote tcp "localhost:873"))
+ (require-not (remote tcp "localhost:62078"))
+ (require-any
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/printd")
+ (remote ip "*:*")
+ (control-name "com.apple.netsrc")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal "/private/var/run/lockdown.sock")
+ (require-entitlement "platform-application")))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.adtracking")
+ (preference-domain "com.apple.dataaccess.dataaccessd")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.mobile.SyncMigrator")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.gamekit")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "com.apple.managedconfiguration.janitor")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.certui")
+ (preference-domain "com.apple.voicemail")
+ (preference-domain "com.apple.preferences-sounds")
+ (preference-domain "com.apple.GMM")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.gamed")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.mobilecal.alarmengine")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.ubd")
+ (preference-domain "com.apple.madrid")
+ (preference-domain "com.apple.softwareupdateservicesd")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.atc")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.compass")
+ (preference-domain "com.apple.mobileme.fmf.assistant")
+ (preference-domain "itdbprepserver")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.mms_override")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.apsd")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.LaunchServices")
+ (preference-domain "com.apple.ConfigServer")
+ (preference-domain "com.apple.OTASyncState")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.mobilenotes")
+ (preference-domain "com.apple.XCTest")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.network.eapclient.tls.TrustExceptions")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.mmcs")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "com.apple.mobilecal")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.mobilevpn")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.itdbprep.server")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.imdsmsrecordstore")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.persistentconnection-mcc")
+ (preference-domain "com.apple.mobiletimer")
+ (preference-domain "com.apple.imessage")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.celestial")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.messagesbadgecontroller")
+ (preference-domain "com.apple.preferences.datetime")
+ (preference-domain "com.apple.iqagent")
+ (preference-domain "mediaremote")
+ (preference-domain "com.apple.MobileAddressBook")
+ (preference-domain "com.apple.nike")
+ (preference-domain "com.apple.imagent")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.VoiceMemos")
+ (preference-domain "com.apple.preferences.network")
+ (preference-domain "com.apple.twitterd")
+ (preference-domain "com.apple.mobilestoresettings")
+ (require-all
+ (preference-domain "com.apple.internal.Voltaire")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.homesharing")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (preference-domain "com.apple.weather")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.books")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (preference-domain "com.apple.nanoprefsyncd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.assistant")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.AppStore")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (preference-domain "com.apple.NanoMailKit")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.springboard")
+ (require-any
+ (require-entitlement "com.apple.system.get-wallpaper")
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.youtube.dp")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (preference-domain "com.apple.MobileStore")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (require-entitlement "platform-application"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (require-any
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (preference-domain "com.apple.springboard")
+ (require-entitlement "com.apple.system.set-alert-tone"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.nanoprefsyncd")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.stocks.watchkitextension")))
+ (require-all
+ (preference-domain "com.apple.demo-settings")
+ (require-entitlement "platform-application"))
+ (require-all
+ (preference-domain "com.skyhookwireless.wps")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.cloud.quota")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.iCloudDriveApp")))
+ (require-all
+ (preference-domain "com.apple.cloud.quota")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.medialibrary")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (preference-domain "com.apple.GMM")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))))
+ (require-all
+ (preference-domain "com.apple.OTASyncState")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.springboard")
+ (require-any
+ (require-entitlement "com.apple.media.ringtones.read-only")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))))
+ (require-all
+ (preference-domain "com.apple.MailAccount-ExtProperties")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.WebFoundation")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.mobilesafari")
+ (entitlement-value "com.apple.webbookmarksd")
+ (entitlement-value "com.apple.Safari.SocialHelper")
+ (entitlement-value "com.apple.safarifetcherd"))))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.mail.composition")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.OTASyncAgent")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (require-all
+ (preference-domain "com.apple.springboard")
+ (require-entitlement "com.apple.system.set-alert-tone"))
+ (require-all
+ (preference-domain "com.apple.internal.Voltaire")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.cloud.quota")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.iCloudDriveApp")))
+ (require-all
+ (preference-domain "com.apple.youtube.dp")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari")))
+ (require-all
+ (preference-domain "com.apple.mail.composition")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.OTASyncAgent")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))
+ (require-entitlement "com.apple.container2")))
+ (require-all
+ (preference-domain "com.apple.GMM")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilesafari"))
+ (require-entitlement "com.apple.container2")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (require-any
+ (entitlement-value "com.apple.iBooks")
+ (entitlement-value "com.apple.itunesu")))))
+ (require-all
+ (preference-domain "com.apple.assistant")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.NanoMailKit")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.MailAccount-ExtProperties")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.OTASyncState")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail")))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (preference-domain "com.skyhookwireless.wps")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps")))
+ (require-all
+ (preference-domain "com.apple.cloud.quota")
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.mobilemail"))))
+(allow process-info-pidinfo
+ (target self)
+ (require-entitlement "com.apple.security.exception.process-info")
+ (require-all
+ (target others)
+ (require-entitlement "com.apple.DiagnosticExtensions.extension")))
+(allow process-info-pidfdinfo
+ (target self)
+ (require-entitlement "com.apple.security.exception.process-info"))
+(allow process-info-setcontrol
+ (target self))
+(allow pseudo-tty)
+(allow signal
+ (target self)
+ (require-all
+ (target others)
+ (require-entitlement "com.apple.DiagnosticExtensions.extension"))
+ (require-all
+ (target others)
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.webbookmarksd"))))
+(allow sysctl-read
+ (require-all
+ (sysctl-name-regex #"^kern[.]proc[.]")
+ (require-entitlement "com.apple.security.exception.process-info"))
+ (require-all
+ (require-not (sysctl-name "kern.proc.pid.1"))
+ (require-any
+ (require-not (sysctl-name-regex #"^kern[.]proc[.]"))
+ (require-entitlement "com.apple.DiagnosticExtensions.extension"))))
+(allow system-info
+ (require-all
+ (info-type "net.link.addr")
+ (require-entitlement "fairplay-client")
+ (require-not (require-entitlement "com.apple.private.MobileGestalt.AllowedProtectedKeys"))))
+(allow system-privilege)
+(allow system-socket
+ (socket-domain AF_ROUTE)
+ (require-all
+ (socket-domain AF_SYSTEM)
+ (socket-protocol 2))
+ (require-all
+ (socket-domain 39)
+ (require-any
+ (require-entitlement "com.apple.private.signing-identifier"
+ (entitlement-value "com.apple.Maps"))
+ (require-entitlement "com.apple.network.multipath-tcp"))))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/container.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/container.sb.xml
new file mode 100644
index 00000000..d3f890fe
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/container.sb.xml
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/containermanagerd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/containermanagerd.sb
new file mode 100644
index 00000000..1cd194de
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/containermanagerd.sb
@@ -0,0 +1,411 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (subpath "/private/var/mobile/Library/MobileContainerManager")
+ (regex #"^/private/var/mobile/Library/Backup/SystemContainers" #"^/private/var/euser[0-9]+/Library/Backup/SystemContainers")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal "/private/var/root/Library/Preferences/com.apple.containermanagerd.plist")
+ (literal "/private/var/root/Library/MobileContainerManager.")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd$")
+ (subpath "/private/var/db/timezone")
+ (literal "/private/var/mobile/Library/MobileContainerManager.")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath "/private/var/installd/Library/Caches")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.containermanagerd" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.containermanagerd")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath "/private/var/mobile/Library/Logs/MobileContainerManager")
+ (subpath "/private/var/root/Library/Logs/MobileContainerManager")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/containers")
+ (literal "/dev/aes_0")
+ (subpath "/private/var/root/Library/MobileContainerManager")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (regex #"^/private/var/mobile/Containers" #"^/private/var/euser[0-9]+/Containers")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal "/private/var/installd/Library")
+ (literal "/private/var/mobile/Library")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/root/Library/Caches")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.containermanagerd" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.containermanagerd")
+ (literal "/private/var/root/Library/MobileContainerManager.")
+ (subpath "/private/var/mobile/Library/MobileContainerManager")
+ (regex #"^/private/var/mobile/Library/Backup/SystemContainers" #"^/private/var/euser[0-9]+/Library/Backup/SystemContainers")
+ (subpath "/private/var/mobile/Library/Logs/MobileContainerManager")
+ (literal "/private/var/root/Library/Preferences/com.apple.containermanagerd.plist")
+ (subpath "/private/var/root/Library/Logs/MobileContainerManager")
+ (subpath "/private/var/containers")
+ (literal "/private/var/mobile/Library/MobileContainerManager.")
+ (subpath "/private/var/root/Library/MobileContainerManager")
+ (subpath "/private/var/installd/Library/Caches")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]containermanagerd$")
+ (regex #"^/private/var/mobile/Containers" #"^/private/var/euser[0-9]+/Containers")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal "/private/var/installd/Library")
+ (literal "/private/var/mobile/Library")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]containermanagerd$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow ipc-posix-sem
+ (ipc-posix-name "containermanagerd.fb_check"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/containermanagerd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/containermanagerd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/containermanagerd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/coresymbolicationd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/coresymbolicationd.sb
new file mode 100644
index 00000000..8bccf5ee
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/coresymbolicationd.sb
@@ -0,0 +1,170 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/root/Library/Caches")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/root/Library/Caches/com.apple.coresymbolicationd")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library/Caches/com.apple.coresymbolicationd")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
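Review bot: The `file-read*` rule in this reference profile contains `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE))`, and the `file-write*` rule has the same pair inside a larger `require-all`; a vnode cannot be both types, so as written these clauses can never match. This looks like a decompilation artifact rather than the real policy, and the same pattern appears in the cplogd.sb reference and in the visible tail of containermanagerd.sb. Checking these files in as expected output makes the test pass on output that may misstate what the sandbox allows, which matters to anyone auditing a profile from the reversed text. The `require-any` under `com.apple.sandbox.system-group` also lists the identical regex twice, which points the same way. I would document the status next to the references, for example `References are regression snapshots of reverse-sandbox output, not verified ground truth; known artifact: require-all over two vnode-type values.`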
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/coresymbolicationd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/coresymbolicationd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/coresymbolicationd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cplogd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cplogd.sb
new file mode 100644
index 00000000..787a2cf5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cplogd.sb
@@ -0,0 +1,173 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Logs")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/logs/WirelessLibraryLogs")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath "/private/var/logs/MobileLibraryLogs")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/logs/MobileMediaFactoryLogs")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/logs/WirelessLibraryLogs")
+ (subpath "/private/var/logs/MobileLibraryLogs")
+ (subpath "/private/var/logs/MobileMediaFactoryLogs")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cplogd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cplogd.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/cplogd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/dataaccessd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/dataaccessd.sb
new file mode 100644
index 00000000..19b1a642
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/dataaccessd.sb
@@ -0,0 +1,512 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${HOME}/Library/Safari/com.apple.Bookmarks.lock")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-shm")
+ (literal "/dev/urandom")
+ (subpath-prefix "${HOME}/Library/Logs/DataMigration")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (subpath-prefix "${HOME}/Library/Mail")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Library/Logs")
+ (subpath "/AppleInternal/Library/Frameworks")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.objectcreation.lock")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.autoincrement.lock")
+ (subpath "/System/Library")
+ (literal-prefix "${HOME}/Library/Caches")
+ (subpath-prefix "${HOME}/Library/DataAccess")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-journal")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.dataaccess.dataaccessd")
+ (subpath-prefix "${HOME}/Library/Logs/DataAccess")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter")
+ (subpath-prefix "${HOME}/Library/Notes")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Logs/Message")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.sharedstore.lock")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (subpath-prefix "${HOME}/Library/Caches/DataAccess")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.mobilesafari/ReadingListArchives")
+ (subpath "/private/var/Managed Preferences/mobile")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Logs/ManagedConfiguration")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${HOME}/Library/Safari")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (require-not (regex #"^/private/var/mobile/Library/" #"^/private/var/euser[0-9]+/Library/"))
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Cookies/com.apple.dataaccessd.binarycookies" #"^/private/var/mobile/Library/Cookies/com.apple.dataaccessd..+binarycookies" #"^/private/var/euser[0-9]+/Library/Cookies/com.apple.dataaccessd..*binarycookies")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/DataMigration")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Safari/com.apple.Bookmarks.lock")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.dataaccess.dataaccessd")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath "/private/var/Managed Preferences/mobile")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath-prefix "${HOME}/Library/Logs/DataAccess")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter")
+ (subpath-prefix "${HOME}/Library/Notes")
+ (subpath-prefix "${HOME}/Library/Mail")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.sharedstore.lock")
+ (subpath-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Message")
+ (subpath-prefix "${HOME}/Library/Logs/ManagedConfiguration")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.objectcreation.lock")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.notes.autoincrement.lock")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Caches/DataAccess")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-shm")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-wal")
+ (subpath-prefix "${HOME}/Library/DataAccess")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-journal")
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db")
+ (literal-prefix "${HOME}/Library/Safari")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]dataaccess[.]dataaccessd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Cookies/com.apple.dataaccessd.binarycookies" #"^/private/var/mobile/Library/Cookies/com.apple.dataaccessd..+binarycookies" #"^/private/var/euser[0-9]+/Library/Cookies/com.apple.dataaccessd..*binarycookies")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Safari"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.mobilesafari/ReadingListArchives")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.DataMigration")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-sched)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/dataaccessd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/dataaccessd.sb.xml
new file mode 100644
index 00000000..b7536db8
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/dataaccessd.sb.xml
@@ -0,0 +1,44 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/debugserver.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/debugserver.sb
new file mode 100644
index 00000000..7f7e9393
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/debugserver.sb
@@ -0,0 +1,166 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Bundle")
+ (subpath "/Applications")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (regex #"^/private/var/mobile" #"^/private/var/euser[0-9]+")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow mach-priv-task-port)
+(allow network-inbound
+ (local tcp "localhost:*")
+ (remote tcp "localhost:*"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (regex #"^/private/var/run/lockdown/checkin")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-exec*
+ (require-all
+ (require-not (subpath-prefix "${FRONT_USER_HOME}/Containers"))
+ (require-not (subpath "/private/var/containers"))
+ (debug-mode)))
+(allow process-fork
+ (debug-mode))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl-read)
+(allow system-debug)
+(allow system-privilege)
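Review bot: The `file-read*` rule that wraps the `/private/etc/hosts`, `/private/etc/group` and `/private/etc/passwd` literals opens with `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` under one `require-all`, which no vnode can satisfy, so as written the rule grants nothing. The matching rule in the dataaccessd.sb reference earlier in this diff reads `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, so the negation was probably lost during reversal here. The same unnegated pair also appears in dataaccessd.sb's `file-write*` section. Committing this output as the expected reference makes the test assert a policy that likely differs from the compiled profile, and anyone reading it would misjudge what debugserver may read. I would fix the `require-not` handling and regenerate the references, or record the known discrepancy next to the test data.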
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/debugserver.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/debugserver.sb.xml
new file mode 100644
index 00000000..c2f49fe7
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/debugserver.sb.xml
@@ -0,0 +1,46 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/deleted.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/deleted.sb
new file mode 100644
index 00000000..da7daa3a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/deleted.sb
@@ -0,0 +1,251 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cache_delete.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (subpath "/AppleInternal/Library/CacheDelete")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath-prefix "${HOME}/Library/Logs/CacheDelete")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/AppleInternal/Library/CacheDelete")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.cache_delete.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CacheDelete")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name-regex #"^com[.]apple[.]mobile[.]cache_delete_")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name-regex #"^com[.]apple[.].+cache-delete$")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name-regex #"^com[.]apple[.].+[Cc]ache[Dd]elete$")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.cache_delete")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.cache_delete"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-fsctl
+ (fsctl-command (_IO "h" 24)))
+(allow system-privilege)
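Review bot: The `file-read*` and `file-write*` rules in this reference contain `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) ...)`, a conjunction no vnode can satisfy, so as written the nested `/private/etc/hosts`, `/private/etc/passwd` and CoreDuet entries could never match. That looks like a decompiler artifact (possibly a lost `require-not`, or a `require-any` flattened into `require-all`) rather than the real policy, and the same pattern appears in duetexpertd.sb. Checking these files in as expected output makes the test suite assert the artifact, and anyone reading the reversed profile to judge what the daemon can reach is misled. Until the tool is fixed, I would record it beside the references, e.g. `; known artifact: require-all over two vnode-type values is unsatisfiable (tracking: <ISSUE-ID placeholder>)`, provided the test comparison tolerates comment lines.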
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/deleted.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/deleted.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/deleted.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/duetexpertd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/duetexpertd.sb
new file mode 100644
index 00000000..37135f0e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/duetexpertd.sb
@@ -0,0 +1,337 @@
+(version 1)
+(deny default)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Logs/coreduetd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath-prefix "${HOME}/Library/CallHistoryDB")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal-prefix "${HOME}/Library/Logs/duetexpertd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (subpath-prefix "${HOME}/Library/CoreDuet")
+ (subpath "/usr/libexec")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Library/DuetExpertCenter")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.spotlightui.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.message.plist")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DuetExpertCenter.AppPredictionExpert.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.duetexpertd.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CallHistory")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/CallHistoryDB")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath-prefix "${HOME}/Library/CoreDuet")
+ (subpath-prefix "${HOME}/Library/DuetExpertCenter")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DuetExpertCenter.AppPredictionExpert.plist")
+ (literal-prefix "${HOME}/Library/Logs/coreduetd.log")
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.duetexpertd.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CallHistory")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Logs/duetexpertd.log")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.coreduetd.batterysaver")
+ (global-name "com.apple.routined.registration")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.CallHistorySyncHelper")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.imagent.embedded.auth")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.duet.expertcenter")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.coreduetd.knowledge")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.coreduetd.knowledgebase")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.DuetExpertCenter.AppPredictionExpert")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (preference-domain "com.apple.message")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.duetexpertd")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.spotlightui")
+ (preference-domain "com.apple.MobileAsset")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.DuetExpertCenter.AppPredictionExpert")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.duetexpertd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/duetexpertd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/duetexpertd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/duetexpertd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/findmydeviced.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/findmydeviced.sb
new file mode 100644
index 00000000..78f0f673
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/findmydeviced.sb
@@ -0,0 +1,654 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.notbackedup.plist")
+ (literal "/dev/null")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.FMIPAccounts.notbackedup.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.migration.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal "/private/var/empty")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath-prefix "${HOME}/Library/VoiceTrigger")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/MDM.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.FMIPAccounts.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.notbackedup.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/CloudConfigurationDetails.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (literal "/usr/libexec/findmydeviced")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.watch.notbackedup.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.managedconfiguration.notbackedup.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/CloudConfigurationDetails.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]icloud[.]findmydeviced" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]icloud[.]findmydeviced" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]icloud[.]findmydeviced")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]icloud[.]findmydeviced[.]watch" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]icloud[.]findmydeviced[.]watch")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/MDM.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/MDM.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/MDM.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.FMIPAccounts.notbackedup.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.watch.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.FMIPAccounts.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]icloud[.]findmydeviced[.]watch" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]icloud[.]findmydeviced[.]watch")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]icloud[.]findmydeviced" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]icloud[.]findmydeviced" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]icloud[.]findmydeviced")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]findmydeviced$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (regex #"^/private/var/mobile/Library/VoiceTrigger/SAT/[^/]+/audio/enrollment_completed$" #"^/private/var/euser[0-9]+/Library/VoiceTrigger/SAT/[^/]+/audio/enrollment_completed$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "ProvInfoIOKitUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "RootDomainUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-sem
+ (ipc-posix-name "findmydeviced.boot_check"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.mobileactivationd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.absd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.assistant.settings")
+ (global-name "com.apple.mobile.obliteration")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.nfcd.hwmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.ak.anisette.xpc")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.adid")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.absinthed")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote tcp "*:*")
+ (literal "/private/var/run/mDNSResponder")
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/syslog")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.icloud.findmydeviced.FMIPAccounts.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced.FMIPAccounts")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.migration")
+ (preference-domain "com.apple.icloud.findmydeviced.watch.notbackedup")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.voicetrigger")
+ (preference-domain "com.apple.purplebuddy.notbackedup")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.managedconfiguration.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced.notbackedup")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.AOSNotification.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "com.apple.icloud.findmydeviced.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced.FMIPAccounts")
+ (preference-domain "com.apple.icloud.findmydeviced.FMIPAccounts.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.icloud.findmydeviced.watch.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/findmydeviced.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/findmydeviced.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/findmydeviced.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/fmfd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/fmfd.sb
new file mode 100644
index 00000000..736460d8
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/fmfd.sb
@@ -0,0 +1,592 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/usr/libexec")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.fmfd.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.fmfd.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/usr/libexec/fmfd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal "/private/var/empty")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/dev/aes_0")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]icloud[.]fmfd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]icloud[.]fmfd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]icloud[.]fmfd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.fmfd.notbackedup.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.fmfd.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]icloud[.]fmfd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]icloud[.]fmfd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]icloud[.]fmfd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]icloud[.]fmfd$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.icloud.fmfd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.fmfd")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.icloud.fmfd.notbackedup")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.icloud.fmfd")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.icloud.fmfd.notbackedup"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/fmfd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/fmfd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/fmfd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ftp-proxy-embedded.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ftp-proxy-embedded.sb
new file mode 100644
index 00000000..71ca0f97
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ftp-proxy-embedded.sb
@@ -0,0 +1,137 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.MobileInternetSharing")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.pfd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow network-inbound)
+(allow network-bind)
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.network.statistics")
+ (local ip "*:*")
+ (control-name "com.apple.netsrc")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
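Review bot: The `file-read-metadata` rule in this reference allows `(literal-prefix "${HOME}")` and `(literal-prefix "${HOME}/Library/Preferences")` unconditionally, then repeats both inside `require-all` clauses gated on the `com.apple.bulletinboard.dataprovider` entitlement. The gated clauses are subsumed by the unconditional ones, which looks like a decompilation artifact rather than the profile's real structure. The same applies to `(allow nvram*)` being followed by the individual `nvram-delete`/`nvram-get`/`nvram-set` rules. As a golden file this pins that output, and nothing in the hunk says whether it was checked against the compiled profile or is only a snapshot of the tool's current output. I would record that next to the references, for example in a README under `tests/`: `References are snapshots of reverse-sandbox output, not hand-verified profiles; redundant or subsumed clauses are kept as emitted.`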
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ftp-proxy-embedded.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ftp-proxy-embedded.sb.xml
new file mode 100644
index 00000000..cf8816c7
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ftp-proxy-embedded.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gamed.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gamed.sb
new file mode 100644
index 00000000..d78ceb2b
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gamed.sb
@@ -0,0 +1,591 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/GameKit")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/Applications")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal "/usr/libexec/gamed")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VideoConference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/gamed")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (subpath-prefix "${HOME}/Library/GameKit")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.sandbox.executable")
+ (subpath-prefix "${HOME}/Library/Logs/awd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/containers/Bundle")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath-prefix "${HOME}/Library/Logs/GameKit")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.gamed.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.VideoConference")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/dtracehelper")
+ (subpath-prefix "${HOME}/Library/Caches/GameKit")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.gamecenter.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.gamed")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]gamed" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]gamed" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]gamed")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath-prefix "${HOME}/Library/Caches/GameKit")
+ (subpath-prefix "${HOME}/Library/Logs/awd")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.gamecenter.plist")
+ (subpath-prefix "${HOME}/Library/GameKit")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/gamed")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath-prefix "${HOME}/Library/Logs/GameKit")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.gamed")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.VideoConference")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.gamed.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]gamed" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]gamed" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]gamed")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.iTunesStore.daemon.deatchwatch")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.iTunesStore.daemon-notifications")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.iTunesStore.daemon")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilemail.services.xpc")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.authkit.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.coremedia.mutablecomposition")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.GameController.gamecontrollerd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.gamecenter")
+ (global-name "com.apple.fairplayd")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.gamecenter.gsEvents")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/mDNSResponder")
+ (literal "/private/var/run/syslog")
+ (remote ip "*:*")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.VideoConference")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.gamecenter")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.gamed")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.gamecenter")
+ (preference-domain "com.apple.gamed")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-exec*
+ (literal "/usr/libexec/gamed"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gamed.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gamed.sb.xml
new file mode 100644
index 00000000..c3c699a4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gamed.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geocorrectiond.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geocorrectiond.sb
new file mode 100644
index 00000000..1f564bcf
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geocorrectiond.sb
@@ -0,0 +1,19 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow iokit-get-properties)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow system-privilege)
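Review bot: This reference pins `(allow nvram*)`, `(allow nvram-set)`, `(allow process-info-setcontrol)` and `(allow system-privilege)` as unconditional rules under `(deny default)`, while granting no file-read or mach-lookup rule at all. That looks more like default output of the reversing tool than a policy a daemon could run under, although this cannot be confirmed from the diff. The same unconditional run closes gamed.sb, and both gamed.sb and geod.sb contain a `require-all` that lists `(vnode-type BLOCK-DEVICE)` together with `(vnode-type CHARACTER-DEVICE)`, a condition no single vnode can satisfy. Assuming the tests compare tool output against these files byte for byte, they lock in such artefacts as expected results, and a reader may take the files for the shipped policy. I would add a line to a README beside the references rather than to the .sb files themselves, e.g. `These profiles are reverse-sandbox output kept for regression comparison; they are not verified against the original policy source.`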
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geocorrectiond.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geocorrectiond.sb.xml
new file mode 100644
index 00000000..c5c1c883
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geocorrectiond.sb.xml
@@ -0,0 +1,37 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geod.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geod.sb
new file mode 100644
index 00000000..f7430a72
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geod.sb
@@ -0,0 +1,483 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal "/dev/urandom")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb-journal")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GMM.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (subpath-prefix "${HOME}/Library/Caches/GeoServices")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.GeoServices")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb-wal")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb-journal")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb-wal")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath-prefix "${HOME}/Library/GeoServices")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb-shm")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb-shm")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/CloudConfigurationDetails.plist")
+ (literal "/dev/random")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ConfigServer.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/CloudConfigurationDetails.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/CloudConfigurationDetails.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GMM.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.GeoServices")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/kCFPreferencesAnyApplication.plist")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb-shm")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb-wal")
+ (subpath-prefix "${HOME}/Library/GeoServices")
+ (subpath-prefix "${HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb-shm")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb-wal")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/MapTiles")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Caches/MapTiles/MapTiles.sqlitedb")
+ (literal-prefix "${HOME}/Library/Caches/Maps/MapTiles/MapTiles.sqlitedb")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.gmmd.cookie")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (remote ip "*:*")
+ (literal "/private/var/run/syslog")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.GMM")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.ConfigServer")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.GMM"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geod.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geod.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/geod.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gizmoappd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gizmoappd.sb
new file mode 100644
index 00000000..473c7975
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gizmoappd.sb
@@ -0,0 +1,483 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.StreamingUnzipService")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AppConduit.staging"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/Applications")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.gizmoappd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.watchkit.imagecache")
+ (subpath "/private/var/containers/Bundle/Application")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AppConduit.staging")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nano-complications$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nano-complications$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Preferences/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Preferences/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.watchkit.imagecache")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.AppConduit.staging")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.gizmoappd.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Preferences/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Preferences/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gizmoappd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.carousel.tilenavigation")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.misagent")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.carousel.glanceservice")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.cache_delete")
+ (global-name "com.apple.carousel.backlightxpc")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.gizmoappd")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.marco")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.gizmoappd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl-read)
+(allow system-privilege)
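Review bot: The `file-read*` clause that opens with `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any (literal "/private/etc/hosts") …` cannot match as written, because a vnode is never both a block and a character device. The same pair guards the `interactionC.db-journal` entry under `file-write*`. This looks like a negated vnode-type test that the reversed output rendered without `require-not` (inferred; the compiled profile is not visible here, though the `file-write-data` rule shows the tool can emit `require-not`). Committed as a reference, it pins that output as expected, and anyone reading the profile to judge what gizmoappd may access would conclude that `/private/etc/passwd`, `/private/etc/hosts` and the CoreDuet databases are unreachable. I would record it as a known limitation beside the fixture, in a note rather than in the `.sb` file in case the test compares it byte for byte, e.g. `gizmoappd.sb: require-all of vnode-type BLOCK-DEVICE and CHARACTER-DEVICE is unsatisfiable; likely a dropped require-not, do not treat as ground truth`.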
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gizmoappd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gizmoappd.sb.xml
new file mode 100644
index 00000000..14606502
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gizmoappd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gputoolsd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gputoolsd.sb
new file mode 100644
index 00000000..abce2511
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gputoolsd.sb
@@ -0,0 +1,394 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd$"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd$"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd$"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/root/Library/Caches")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/root/Library/Caches/com.apple.opengl")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/GPUTools")
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]gputoolsd$")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd$"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]gputoolsd$")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "IOAccelContext"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm*)
+(allow ipc-posix-shm-read*)
+(allow ipc-posix-shm-read-data)
+(allow ipc-posix-shm-read-metadata)
+(allow ipc-posix-shm-write*)
+(allow ipc-posix-shm-write-create)
+(allow ipc-posix-shm-write-data)
+(allow ipc-posix-shm-write-unlink)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coresymbolicationd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.appwatchdog")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.springboard.icongeneration")
+ (global-name "com.apple.lockdown.host_watcher")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-priv-task-port)
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/gputoolsdhelper.sock")
+ (local tcp "localhost:*")
+ (regex #"^/private/var/run/lockdown/checkin")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-exec*
+ (literal "/Developer/usr/libexec/gputoolsd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl-read)
+(allow system-privilege)
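Review bot: This reference profile pins filters that cannot match as written. In `file-read*` the clause `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE))` requires one vnode to be two types at once, and the same pair sits inside a `require-all` in `file-write*` next to the `interactionC.db-journal` literal; the healthd.sb hunk that follows repeats the pattern. This looks like a reversing artefact rather than the real rule (presumably a `require-any` or a negated type test in the compiled profile), and `file-issue-extension` also lists the same `regex` filters twice. Because the file is a golden reference, the tests will assert that these artefacts stay, and anyone reading it to judge what gputoolsd can reach will be misled. Record the known inaccuracies beside the references, for example with a leading comment such as `; reversed output, known artefact: BLOCK-DEVICE/CHARACTER-DEVICE under require-all` if the comparison tolerates comments, or in the test documentation otherwise.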
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gputoolsd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gputoolsd.sb.xml
new file mode 100644
index 00000000..46d08f31
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/gputoolsd.sb.xml
@@ -0,0 +1,50 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/healthd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/healthd.sb
new file mode 100644
index 00000000..c7a16cd8
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/healthd.sb
@@ -0,0 +1,515 @@
+(version 1)
+(deny default)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-healthd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Fitness.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanolifestyle.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.companionsync.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanolifestyle.privacy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.healthlite.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.healthd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/Applications/Fitness.app")
+ (subpath "/private/var/tmp")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low-wal")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/Health")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low-journal")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/Applications/Health.app")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low-shm")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]pairedsync[.]healthd[.]syncCoordinator" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]pairedsync[.]healthd[.]syncCoordinator")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]health[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]health[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]health[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]healthd" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle[.]privacy" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]healthd" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle[.]privacy")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]private[.]alloy[.]health[.]sync[.]low" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]private[.]alloy[.]health[.]sync[.]low")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/com[.]apple[.]pairedsync[.]healthd[.]" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/com[.]apple[.]pairedsync[.]healthd[.]")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/HealthKit" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/HealthKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/Health$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/Health/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/Health$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/Health/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanolifestyle.plist")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low-journal")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Fitness.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.healthd.plist")
+ (subpath-prefix "${HOME}/Library/Health")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low-shm")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-healthd.log")
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanolifestyle.privacy.plist")
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]pairedsync[.]healthd[.]syncCoordinator" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]pairedsync[.]healthd[.]syncCoordinator")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]healthd" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle[.]privacy" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]healthd" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]nanolifestyle[.]privacy")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/com[.]apple[.]pairedsync[.]healthd[.]" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/com[.]apple[.]pairedsync[.]healthd[.]")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]health[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]health[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]health[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/HealthKit" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/HealthKit")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/Health$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/Health/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/Health$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/Health/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]private[.]alloy[.]health[.]sync[.]low" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]private[.]alloy[.]health[.]sync[.]low")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/CompanionSyncCaches/com.apple.private.alloy.health.sync.low")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-owner
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.server.bluetooth.le.att.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.routined.registration")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.healthlite")
+ (preference-domain "com.apple.Fitness")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.nanolifestyle")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.nanolifestyle.privacy")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.companionsync")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.healthd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Fitness")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.healthd")
+ (preference-domain "com.apple.nanolifestyle")
+ (preference-domain "com.apple.nanolifestyle.privacy"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/healthd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/healthd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/healthd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/iapd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/iapd.sb
new file mode 100644
index 00000000..fd7d8775
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/iapd.sb
@@ -0,0 +1,559 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (subpath-prefix "${HOME}/Media/Radio")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.TelephonyUtilities.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (subpath-prefix "${HOME}/Library/CallHistoryDB")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iap2d")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.logging.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.assistivetouchd.enabled.launchd")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/iapd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.suggestions.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.mobilegestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.wifi.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/haywire")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/tmp")
+ (subpath "/usr/sbin")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/mp")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/iap2d")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/Panics")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath-prefix "${HOME}/Media/iTunes_Control")
+ (literal-prefix "${FRONT_USER_HOME}/Library/ExternalAccessory")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/urandom")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iaptransportd.plist")
+ (literal "/dev/aes_0")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iap2d.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.assistivetouchd.enabled.launchd")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Media/Radio")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/mp")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/haywire")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/iapd")
+ (subpath-prefix "${HOME}/Library/CallHistoryDB")
+ (subpath-prefix "${HOME}/Media/iTunes_Control")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/Panics")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iap2d")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/iap2d")
+ (subpath "/private/var/tmp")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iap2d.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iaptransportd.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]iapd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${FRONT_USER_HOME}/Library/ExternalAccessory"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow mach-register
+ (global-name "com.apple.iaptransportd.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.iap2d.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.ExternalAccessory.distributednotification.server")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-bind
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote udp "*:*")
+ (remote tcp "*:*")
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.iaptransportd")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "com.apple.suggestions")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.iap2d")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.TelephonyUtilities")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.assistant.logging")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.iap2d")
+ (preference-domain "com.apple.iaptransportd")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mediaremote"))
+(allow process-exec*
+ (literal "/System/Library/PrivateFrameworks/IAP.framework/Support/iap2d")
+ (literal "/System/Library/PrivateFrameworks/IAP.framework/Support/iapd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-kext-load
+ (kext-bundle-id "com.apple.driver.AppleUSBAudio")
+ (kext-bundle-id "com.apple.driver.AppleUSBDeviceAudioController")
+ (kext-bundle-id "com.apple.driver.usb.IOUSBHostHIDDevice")
+ (kext-bundle-id "com.apple.driver.usb.cdc.ecm")
+ (kext-bundle-id "com.apple.driver.usb.networking")
+ (kext-bundle-id "com.apple.driver.usb.cdc.ncm")
+ (kext-bundle-id "com.apple.driver.usb.cdc"))
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/iapd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/iapd.sb.xml
new file mode 100644
index 00000000..5885e3b4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/iapd.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/identityservicesd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/identityservicesd.sb
new file mode 100644
index 00000000..e44936e8
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/identityservicesd.sb
@@ -0,0 +1,576 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.identityservices.deliver")
+ (subpath-prefix "${HOME}/Library/IdentityServices"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/bin/sh")
+ (literal "/dev/null")
+ (literal "/dev/urandom")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.deviceproperties.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-identityservicesd.log")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (extension "com.apple.identityservices.send")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.bag.plist")
+ (subpath "/AppleInternal")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.identityservices.idstatuscache.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.setmme")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.registration.plist")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.migration.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.notbackedup.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/var/preferences/SystemConfiguration/preferences.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.ids.service.")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.subservices.plist")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal "/dev/dtracehelper")
+ (subpath-prefix "${HOME}/Library/IdentityServices")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.identityservicesd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/usr/local/bin/figplaySS")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]identityservicesd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]identityservicesd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]identityservicesd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.identityservices.idstatuscache.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter")
+ (subpath-prefix "${HOME}/Library/IdentityServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.identityservicesd.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-identityservicesd.log")
+ (extension "com.apple.identityservices.send")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.deviceproperties.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.subservices.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.ids.service.")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.bag.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]identityservicesd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]identityservicesd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]identityservicesd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.server.bluetooth.le.pipe.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.mobileactivationd")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.absd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.server.bluetooth.le.att.xpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.idsremoteurlconnectionagent.embedded.auth")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.WirelessCoexManager")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.datamigrator")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.imtransferservices.IMTransferAgent")
+ (global-name "com.apple.wirelessproxd")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.absinthed")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.idscredentialsagent.embedded.auth")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name-regex #"-idswake$" #".+-idswake$")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound
+ (local ip "*:*"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/syslog")
+ (remote ip "*:*")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.migration")
+ (preference-domain "com.apple.imessage")
+ (preference-domain "com.apple.ids.subservices")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "com.apple.facetime.bag")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.imessage.bag")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.registration")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.purplebuddy.notbackedup")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.identityservicesd")
+ (preference-domain "com.apple.identityservices.idstatuscache")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.ids.deviceproperties")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.ids.deviceproperties")
+ (preference-domain "com.apple.imessage.bag")
+ (preference-domain "com.apple.ids.subservices")
+ (preference-domain "com.apple.identityservicesd")
+ (preference-domain "com.apple.facetime.bag")
+ (preference-domain "com.apple.identityservices.idstatuscache")
+ (preference-domain "com.apple.conference"))
+(allow process-exec*
+ (literal "/bin/sh")
+ (literal "/usr/local/bin/figplaySS"))
+(allow process-fork)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/identityservicesd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/identityservicesd.sb.xml
new file mode 100644
index 00000000..78d52661
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/identityservicesd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/itunesstored.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/itunesstored.sb
new file mode 100644
index 00000000..73ea0ee5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/itunesstored.sb
@@ -0,0 +1,569 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.StreamingUnzipService")
+ (subpath-prefix "${HOME}/Media/Downloads"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/Applications")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (subpath-prefix "${HOME}/Library/Caches/Snapshots")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.itunesstored")
+ (literal "/dev/ptmx")
+ (subpath-prefix "${HOME}/Media")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.storeServices.analytics")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/containers/Bundle")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/dev/aes_0")
+ (subpath-prefix "${HOME}/Library/MusicLibrary")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/usr/share")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/com.apple.itunesstored")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal "/dev/random")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]itunesstored" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]itunesstored" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]itunesstored")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (subpath-prefix "${HOME}/Media")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.itunesstored")
+ (subpath-prefix "${HOME}/Library/MusicLibrary")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.storeServices.analytics")
+ (subpath-prefix "${HOME}/Library/Caches/sharedCaches")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.iTunesStore")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/com.apple.itunesstored")
+ (subpath-prefix "${HOME}/Library/Caches/Snapshots")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]itunesstored" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]itunesstored" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]itunesstored")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]itunesstored$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "com_apple_driver_FairPlayIOKitUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.medialibraryd.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.absd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.adid")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.biometrickitd")
+ (global-name "com.apple.AssetCacheLocatorService")
+ (global-name "com.apple.mediaartworkd.xpc")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cache_delete")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.absinthed")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.ondemandd.itunesstored")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.itunesstored"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/itunesstored.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/itunesstored.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/itunesstored.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/keyboard.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/keyboard.sb
new file mode 100644
index 00000000..4f5d5d43
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/keyboard.sb
@@ -0,0 +1,419 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/System/Library")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$")
+ (subpath-prefix "${HOME}")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "IOAccelContext2"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.uikit.GestureServer")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow mach-register
+ (local-name "com.apple.iphone.axserver")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/syslog")
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}")))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info-pidinfo
+ (require-entitlement "com.apple.security.exception.process-info"))
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/keyboard.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/keyboard.sb.xml
new file mode 100644
index 00000000..bc9a832f
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/keyboard.sb.xml
@@ -0,0 +1,32 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/librariand.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/librariand.sb
new file mode 100644
index 00000000..787af27d
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/librariand.sb
@@ -0,0 +1,353 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.librarian.ubiquity-container")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension-class "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${HOME}/Library/Application Support")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/db/timezone")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.librariand.plist")
+ (subpath-prefix "${HOME}/Library/Application Support/Librarian")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/librariand.log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/librariand.log")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.librariand.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (literal-prefix "${HOME}/Library/Application Support")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/Application Support/Librarian")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/librariand.log" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/librariand.log")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.ubd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.librariand")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.librariand"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
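Review bot: The `file-write*` rule of this reference profile contains `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal") ...)`, which no vnode can satisfy, and `file-read*` carries a bare `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE))`. The profile just before this one in the diff prints the same journal rule with `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, so the negation was probably lost when this profile was reversed. Committing it as a reference makes the regression test assert output that likely does not match the real policy, and anyone auditing the sandbox from these files would misread what is allowed. The `file-read*` rule of limitadtrackingd.sb shows the same pattern. I would regenerate the references once the negation handling is confirmed, or record the affected rules as a known decompiler limitation in the test documentation rather than in the `.sb` files themselves.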
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/librariand.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/librariand.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/librariand.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/limitadtrackingd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/limitadtrackingd.sb
new file mode 100644
index 00000000..d4d54c6f
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/limitadtrackingd.sb
@@ -0,0 +1,170 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (literal "/usr/libexec")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdLib.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/usr/libexec/limitadtrackingd")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.AdSheetPhone.management")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/limitadtrackingd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/limitadtrackingd.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/limitadtrackingd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lockdownd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lockdownd.sb
new file mode 100644
index 00000000..4343b3ca
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lockdownd.sb
@@ -0,0 +1,347 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/run/lockdown")
+ (literal "/dev/urandom")
+ (literal "/usr/libexec")
+ (literal "/private/var/run/lockdown.sock")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/Applications/Preferences.app")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/AppleInternal/Lockdown")
+ (literal "/usr/libexec/lockdownd")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/System/Library")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/root/Library/Lockdown")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath-prefix "${FRONT_USER_HOME}/Media")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath "/Developer")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/logs")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/preferences/SystemConfiguration")
+ (literal "/dev/random")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/private/var/db/launchd.db/com.apple.launchd/overrides.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (regex #"^/private/var/root/Library/Preferences/com[.]apple[.]mobile[.]lockdownd[.]plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Notes")
+ (vnode-type DIRECTORY))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Calendar")
+ (vnode-type DIRECTORY))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/Info[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/[.]bundle/[^/]+[.]lproj$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj/" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]bundle/[^/]+[.]lproj$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]bundle/Info[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj/" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/((.*[.]bundle/|[.]bundle/[^/]+)|.+[.]bundle/[^/]+)[.]lproj$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.WebAppCache")
+ (vnode-type DIRECTORY))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal "/private/var/run/lockdown_first_run")
+ (vnode-type REGULAR-FILE))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (vnode-type DIRECTORY))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Voicemail")
+ (vnode-type DIRECTORY))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Applications")
+ (vnode-type DIRECTORY))
+ (require-all
+ (subpath "/private/var/containers")
+ (vnode-type DIRECTORY))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Containers")
+ (vnode-type DIRECTORY))
+ (require-all
+ (subpath-prefix "${FRONT_USER_HOME}/Media")
+ (vnode-type DIRECTORY))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/run/lockdown")
+ (subpath "/private/var/logs")
+ (subpath "/private/var/root/Library/Lockdown")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal "/private/var/run/lockdown.sock")
+ (regex #"^/private/var/root/Library/Preferences/com[.]apple[.]mobile[.]lockdownd[.]plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Media")
+ (subpath "/private/var/preferences/SystemConfiguration")
+ (require-all
+ (literal "/private/var/run/lockdown_first_run")
+ (vnode-type REGULAR-FILE))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (literal "/private/var/db/timezone")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleEffaceableStorageUserClient")
+ (iokit-user-client-class "com_apple_driver_FairPlayIOKitUserClient")
+ (iokit-user-client-class "AppleNANDFTLUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient"))
+(allow iokit-set-properties
+ (iokit-property "auto-boot"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.AOSNotification")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.mobile.notification_proxy")
+ (global-name "com.apple.mobile.installation_proxy")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.timed.xpc")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.syslog_relay")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.mobileactivationd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.atc2")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.crash_mover")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.mobile.insecure_notification_proxy")
+ (global-name "com.apple.ait.client")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.mobile.assertion_agent")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.lockdown.host_watcher")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.streaming_zip_conduit")
+ (global-name "com.apple.symptomsd")
+ (global-name-regex #"^lockdown[.]")
+ (global-name "com.apple.afcd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.crashreportcopymobile")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.atc")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound
+ (local tcp "*:*")
+ (literal "/private/var/run/lockdown.sock")
+ (subpath "/private/var/run/lockdown"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockbot")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
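Review bot: The two `require-all` groups in this reference that list both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` (one under `file-read*`, one under `file-write*`) cannot match as written if `require-all` is a conjunction, since a vnode has a single type. This looks like the decompiler rendering an alternative as a conjunction rather than what the shipped lockdownd profile enforces, though the hunk alone cannot confirm that. Checking the file in as a reference pins that output, so the test will confirm the artifact instead of catching it; the same construct appears in the lsuseractivityd.sb reference added by this commit. I would add a short README beside the references stating that they are regression snapshots of reverse-sandbox output, not verified copies of the original profiles, and listing the vnode-type rendering as a known inaccuracy, so nobody treats these rules as ground truth when assessing the daemon's sandbox.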
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lockdownd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lockdownd.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lockdownd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lsuseractivityd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lsuseractivityd.sb
new file mode 100644
index 00000000..660e72f3
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lsuseractivityd.sb
@@ -0,0 +1,293 @@
+(version 1)
+(deny default)
+(allow distributed-notification-post)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreservices.useractivityd.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Handoff")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath-prefix "${HOME}/Library/Logs/useractivityd")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreservices.useractivityd.dynamicuseractivites.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/timezone")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath-prefix "${HOME}/Library/Logs/Transport")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (subpath "/Developer")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/Transport")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath-prefix "${HOME}/Library/Logs/Handoff")
+ (subpath-prefix "${HOME}/Library/Logs/useractivityd")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreservices.useractivityd.dynamicuseractivites.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreservices.useractivityd.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.SharedWebCredentials")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ctkd.token-client")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.coreservices.useractivityd.dynamicuseractivites")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.coreservices.useractivityd")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.Sharing")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.coreservices.useractivityd.dynamicuseractivites")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.coreservices.useractivityd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lsuseractivityd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lsuseractivityd.sb.xml
new file mode 100644
index 00000000..4627e68a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/lsuseractivityd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mDNSResponder.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mDNSResponder.sb
new file mode 100644
index 00000000..29a0adc1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mDNSResponder.sb
@@ -0,0 +1,131 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (regex #"^/private/var/tmp/mds/[0-9]+/" #"^/private/var/tmp/mds/[0-9]+$")
+ (regex #"^/private/var/db/mds/[0-9]+/" #"^/private/var/db/mds/[0-9]+$")
+ (literal "/dev/dtracehelper")
+ (literal "/Library/Managed Preferences")
+ (literal "/private/var/run/mDNSResponder")
+ (literal "/private/var/Managed Preferences/mobile")
+ (literal "/private/var/Managed Preferences/mobile/com.apple.mDNSResponder.plist")
+ (literal "/dev/null")
+ (literal "/dev/urandom")
+ (literal "/private/var/Library/Preferences/")
+ (regex #"^/private/var/folders/[^/]+/[^/]+/-Caches-/mds/" #"^/private/var/folders/[^/]+/[^/]+/-Caches-/mds$")
+ (literal "/dev/random")
+ (regex #"^/private/var/folders/[^/]+/[^/]+/C/mds/" #"^/private/var/folders/[^/]+/[^/]+/C/mds$")
+ (literal "/dev/zero")
+ (require-all
+ (file-mode #o0004)
+ (require-any
+ (subpath "/System")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/private/var/db/dyld"))))
+(allow file-read-data
+ (literal "/private/var/db/crls/crlcache.db")
+ (subpath "/private/var/tmp/mds")
+ (subpath "/private/var/db/mds")
+ (literal "/Library/Keychains/System.keychain")
+ (require-all
+ (require-not (regex #"^/Library/Keychains/"))
+ (require-any
+ (literal "/usr/sbin")
+ (literal "/usr/sbin/mDNSResponder")
+ (regex #"^/Library/Preferences/[.]GlobalPreferences[.]" #"^/Library/Preferences/ByHost/[.]GlobalPreferences[.]")
+ (literal "/private/etc")
+ (literal "/Library/Preferences/SystemConfiguration/com.apple.PowerManagement.plist")
+ (literal "/Library/Preferences/SystemConfiguration/com.apple.nat.plist")
+ (literal "/dev/console")
+ (literal "/Library/Preferences/com.apple.crypto.plist")
+ (literal "/private/var/preferences/SystemConfiguration/preferences.plist")
+ (literal "/Library/Preferences/com.apple.mDNSResponder.plist")
+ (literal "/private/etc/hosts")
+ (literal "/Library/Preferences/SystemConfiguration/preferences.plist")
+ (regex #"^/Library/Preferences/com[.]apple[.]security[.]")
+ (literal "/Library/Security/Trust Settings/Admin.plist"))))
+(allow file-read-metadata)
+(allow file-write*
+ (regex #"^/private/var/tmp/mds/[0-9]+/" #"^/private/var/tmp/mds/[0-9]+$")
+ (regex #"^/private/var/db/mds/[0-9]+/" #"^/private/var/db/mds/[0-9]+$")
+ (literal "/private/var/run/mDNSResponder")
+ (regex #"^/private/var/folders/[^/]+/[^/]+/-Caches-/mds/" #"^/private/var/folders/[^/]+/[^/]+/-Caches-/mds$")
+ (regex #"^/private/var/folders/[^/]+/[^/]+/C/mds/" #"^/private/var/folders/[^/]+/[^/]+/C/mds$")
+ (require-all
+ (regex #"^/cores/")
+ (require-not (file-mode #o0000))))
+(allow file-write-data
+ (literal "/dev/console")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero"))
+(allow iokit-open
+ (iokit-user-client-class "NVEthernetUserClientMDNS")
+ (iokit-user-client-class "mDNSOffloadUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "wlDNSOffloadUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm*)
+(allow ipc-posix-shm-read*)
+(allow ipc-posix-shm-read-data)
+(allow ipc-posix-shm-read-metadata)
+(allow ipc-posix-shm-write*)
+(allow ipc-posix-shm-write-create)
+(allow ipc-posix-shm-write-data)
+(allow ipc-posix-shm-write-unlink)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.bsd.dirhelper")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.snhelper")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.system.DirectoryService.libinfo_v1")
+ (global-name "com.apple.mDNSResponderHelper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SecurityServer")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coreservices.quarantine-resolver")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.awacs")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.distributed_notifications.2")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.webcontentfilter.dns")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.blued"))
+(allow mach-register
+ (global-name "com.apple.d2d.ipc"))
+(allow network*)
+(allow network-inbound)
+(allow network-bind)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mDNSResponder.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mDNSResponder.sb.xml
new file mode 100644
index 00000000..fdb457a2
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mDNSResponder.sb.xml
@@ -0,0 +1,52 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaanalysisd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaanalysisd.sb
new file mode 100644
index 00000000..5e3f9eac
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaanalysisd.sb
@@ -0,0 +1,612 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (subpath "/private/var/db/timezone")
+ (subpath "/Library/Audio/Tunings/Generic/AU")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VideoProcessing.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Media/Memories/MediaAnalysis")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaanalysis.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/usr/local/lib")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/ptmx")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.photos" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.photos")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${HOME}/Media")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaanalysis.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VideoProcessing.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Memories/MediaAnalysis")
+ (subpath "/private/var/tmp")
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.photos" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.photos")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (literal-prefix "${HOME}/Media/Memories")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.coremedia.mutablecomposition")
+ (global-name "com.apple.xpc.activity.unmanaged")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.coremedia.compressionsession")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ctkd.token-client")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.mediaanalysis")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.VideoProcessing")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.VideoProcessing")
+ (preference-domain "com.apple.mediaanalysis"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
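Review bot: The `require-all` groups in `file-read*` and `file-write*` that list both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` look unsatisfiable as written, since a vnode has a single type, so the `/private/etc/...` and CoreDuet entries nested under them would never be granted by this reference. Together with the identical `regex` lines repeated at the top of `file-issue-extension` and the `require-any` groups that interleave `require-entitlement` with the same `regex` twice, this suggests the file records reverse-sandbox's current reconstruction of the filter graph rather than the original policy. If these files are compared as golden output (the test harness is not visible in this hunk), a regression test would lock the artefact in, and a reader auditing what mediaanalysisd may access could be misled about the effective rules. I would add a README line next to the references, such as `These profiles are snapshots of reverse-sandbox output; filter nesting has not been verified against the original policy.`, and track the vnode-type conjunction as a known decompilation issue.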
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaanalysisd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaanalysisd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaanalysisd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaserverd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaserverd.sb
new file mode 100644
index 00000000..bbcc4f01
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaserverd.sb
@@ -0,0 +1,852 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.rtcreporting.upload")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.VideoConference/logs/mediaserverd"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.settings.bluetooth.audio-route.plist")
+ (subpath-prefix "${HOME}/Library/Logs/awd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/VoiceTrigger")
+ (subpath "/Library")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/AppleInternal/Library/Conference/Environments.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.bag.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (subpath "/private/var/wireless/Library/Logs/awd")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.rtcreporting.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.bag.plist")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (extension "com.apple.mediaserverd.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/mediaserverd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${HOME}/Library/Logs/AirPlay.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VideoConference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences-sounds.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (subpath "/usr/local/share/firmware/isp")
+ (extension "com.apple.mediaserverd.read-write")
+ (subpath-prefix "${HOME}/Media/Downloads")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/logs/mediaserverd")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.audio.virtualaudio.plist")
+ (subpath-prefix "${HOME}/Library/VoiceTrigger")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${HOME}/Library/Caches/CoreMotion/CoreMotion.log")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.plist")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.airplay.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (subpath-prefix "${HOME}/Media/Podcasts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.backedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.celestial.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VideoProcessing.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.VideoConference")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData/CPLAssets")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.audio.penguin.plist")
+ (subpath "/usr/sbin")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData/Mutations")
+ (literal "/AppleInternal/Library/Preferences/com.apple.airplay.dashboard.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData/OutboundSharingTmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath "/usr/local/lib")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath-prefix "${HOME}/Media/Recordings")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.mobilegestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Music")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal "/dev/null")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]mediaserverd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]mediaserverd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]mediaserverd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")))
+(allow file-read-data
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.plist")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/mediaserverd")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Media/Downloads")
+ (subpath-prefix "${HOME}/Media/PhotoData/Mutations")
+ (literal-prefix "${HOME}/Library/Logs/AirPlay.log")
+ (subpath-prefix "${HOME}/Library/Logs/awd")
+ (subpath-prefix "${HOME}/Library/VoiceTrigger")
+ (subpath-prefix "${HOME}/Media/Podcasts")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Music")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/VoiceTrigger")
+ (extension "com.apple.mediaserverd.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath-prefix "${HOME}/Media/Recordings")
+ (subpath-prefix "${HOME}/Media/PhotoData/OutboundSharingTmp")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.celestial.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${HOME}/Library/Caches/CoreMotion/CoreMotion.log")
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.audio.penguin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.bag.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voicetrigger.notbackedup.plist")
+ (subpath "/private/var/logs/mediaserverd")
+ (subpath "/private/var/wireless/Library/Logs/awd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.audio.virtualaudio.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.imessage.bag.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.VideoConference")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath-prefix "${HOME}/Media/PhotoData/CPLAssets")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.airplay.plist")
+ (extension "com.apple.mediaserverd.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facetime.bag.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]mediaserverd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]mediaserverd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]mediaserverd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]mediaserverd$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/CoreMotion"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAudio2DeviceUserClient")
+ (iokit-user-client-class "com_apple_audio_IOBorealisOwlUserClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "AppleD5500UserClient")
+ (iokit-user-client-class "AppleVXD375UserClient")
+ (iokit-user-client-class "IOAccelContext2")
+ (iokit-user-client-class "AppleH2CamInUserClient")
+ (iokit-user-client-class "AppleVXE380UserClient")
+ (iokit-user-client-class "IOReportUserClient")
+ (iokit-user-client-class "AppleVXD390UserClient")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "AppleH4CamInUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "AppleVXD393UserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "AppleH6CamInUserClient")
+ (iokit-user-client-class "H3H264VideoEncoderDriverUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "AppleSPUHIDDriverUserClient")
+ (iokit-user-client-class "IOAccessoryManagerUserClient")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "AppleSRSDriverUserClient")
+ (iokit-user-client-class "IOAudioCodecsUserClient")
+ (iokit-user-client-class "AppleH3CamInUserClient")
+ (iokit-user-client-class "AppleUSBHostInterfaceUserClient")
+ (iokit-user-client-class "AppleAVEUserClient")
+ (iokit-user-client-class "IOAudio2TransformerUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "com_apple_driver_FairPlayIOKitUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOStreamAudioUserClient")
+ (iokit-user-client-class "IOUSBDeviceInterfaceUserClient")
+ (iokit-user-client-class "IOHIDResourceDeviceUserClient")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOHIDLibUserClient"))
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^stack-logs")
+ (ipc-posix-name-regex #"^OA-")
+ (ipc-posix-name "shm_pcm_audio_acl")
+ (ipc-posix-name-regex #"^AppleAURemoteIO[.]." #"^AppleAURemoteIO[.].+")
+ (ipc-posix-name "shm_pcm_audio_sco_write")
+ (ipc-posix-name-regex #"^[0-9A-F][0-9A-F]:+[0-9A-F][0-9A-F]-tacl$")
+ (ipc-posix-name-regex #"^shm_notif[.][^.]+[.][RW]$")
+ (ipc-posix-name-regex #"^com[.]apple[.]audio[.]abl[.]")
+ (ipc-posix-name-regex #"^AppleAudioQueue[.]." #"^AppleAudioQueue[.].+")
+ (ipc-posix-name "shm_pcm_audio_sco_read")
+ (ipc-posix-name-regex #"^AppleABL[.]." #"^AppleABL[.].+")
+ (ipc-posix-name-regex #"^/FSM-"))
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$")
+ (ipc-posix-name "apple.shm.notification_center")
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]"))
+(allow ipc-posix-shm-write-data
+ (ipc-posix-name-regex #"^gdt-[0-9A-Za-z]+-c$" #"^gdt-[0-9A-Za-z]+-s$"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coremedia.virtualdisplayserver")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.rtcreportingd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.fairplayd.versioned")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.mobileactivationd")
+ (global-name "com.apple.iTunesStore.daemon.deatchwatch")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.coresymbolicationd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.iTunesStore.daemon-notifications")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.iap2d.distributednotification.server")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.idsremoteurlconnectionagent.embedded.auth")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.iTunesStore.daemon")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.iap2d.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.iaptransportd.ExternalAccessory.distributednotification.server")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.iap2d.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.b184_monitord")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.WirelessCoexManager")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.carkit.service")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.securekeyvaultd")
+ (global-name "com.apple.lskdd")
+ (global-name "com.apple.wirelessproxd")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.iapd.distributednotification.server")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.iapd.xpc")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.NetworkLinkConditioner")
+ (global-name "com.apple.iaptransportd.xpc")
+ (global-name "com.apple.lskdmsed")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.filesystems.userfsd")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.audio.AUPBRegistrar")
+ (global-name "com.apple.BTServer.le")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.timed.xpc")
+ (global-name "com.apple.internal.mediaserverdtracerd")
+ (global-name "com.apple.springboard.processinvalidation")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.b184_mcu_commd")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.ExternalAccessory.distributednotification.server")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow mach-register
+ (global-name "com.apple.midiserver.io")
+ (global-name-regex #"^com[.]apple[.]coremedia[.]")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network-inbound
+ (local tcp "*:*"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/mDNSResponder")
+ (remote udp "*:*")
+ (remote tcp "*:*")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (regex #"^/private/var/mobile/Library/ExternalAccessory/ea[.0-9]+$" #"^/private/var/euser[0-9]+/Library/ExternalAccessory/ea[.0-9]+$")
+ (subpath-prefix "${FRONT_USER_HOME}")))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.VideoConference")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.audio.penguin")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.audio.virtualaudio")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.VideoProcessing")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.facetime.bag")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.voicetrigger")
+ (preference-domain "com.apple.celestial")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.imessage.bag")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.preferences-sounds")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.voicetrigger.notbackedup")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.rtcreporting")
+ (preference-domain "com.apple.assistant.backedup")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.coremedia.bag")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.settings.bluetooth.audio-route")
+ (preference-domain "com.apple.airplay")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.facetime")
+ (preference-domain "com.apple.MobileAsset")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.airplay")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.facetime.bag")
+ (preference-domain "com.apple.coremedia.bag")
+ (preference-domain "com.apple.voicetrigger.notbackedup")
+ (preference-domain "com.apple.celestial")
+ (preference-domain "com.apple.audio.virtualaudio")
+ (preference-domain "com.apple.facetime")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.voicetrigger")
+ (preference-domain "com.apple.audio.penguin")
+ (preference-domain "com.apple.imessage.bag"))
+(allow process-exec*
+ (literal "/usr/sbin/mediaserverd")
+ (require-all
+ (literal "/usr/bin/syslog")
+ (debug-mode))
+ (require-all
+ (literal "/usr/bin/trace")
+ (debug-mode)))
+(allow process-fork
+ (debug-mode))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-suspend-resume)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaserverd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaserverd.sb.xml
new file mode 100644
index 00000000..889d903e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mediaserverd.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobile-house-arrest.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobile-house-arrest.sb
new file mode 100644
index 00000000..3f500282
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobile-house-arrest.sb
@@ -0,0 +1,435 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/usr/share")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (require-all
+ (require-not (subpath "/usr/libexec/Contents"))
+ (require-any
+ (literal "/Library/Preferences/SystemConfiguration/com.apple.afc.DeviceInfo.plist")
+ (literal "/private/etc/master.passwd")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/aes_0")
+ (literal "/usr/libexec")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.afc.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/usr/libexec/mobile_house_arrest")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-data
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/GeoJSON$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/GeoJSON$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$")
+ (subpath-prefix "${HOME}")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobile-house-arrest.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobile-house-arrest.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobile-house-arrest.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobileassetd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobileassetd.sb
new file mode 100644
index 00000000..ae1cfc58
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobileassetd.sb
@@ -0,0 +1,507 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/mobileassetd/" #"^/private/var/mobile/Library/Caches/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/mobileassetd/" #"^/private/var/mobile/Library/Caches/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/root/Library/Caches/mobileassetd/" #"^/private/var/root/Library/Caches/mobileassetd$"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/root/Library/Caches/mobileassetd/" #"^/private/var/root/Library/Caches/mobileassetd$"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/mobileassetd/" #"^/private/var/mobile/Library/Caches/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.assets.read")
+ (require-any
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/VoiceServices")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/VoiceServices/Assets")
+ (subpath "/private/var/MobileAsset")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/root/Library/Caches/mobileassetd/" #"^/private/var/root/Library/Caches/mobileassetd$"))
+ (require-all
+ (extension-class "com.apple.StreamingUnzipService")
+ (require-any
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/VoiceServices")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/VoiceServices/Assets")
+ (subpath "/private/var/MobileAsset"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal "/usr/libexec/mobileassetd")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/root/Library/Cookies$" #"^/private/var/root/Library/Cookies/Cookies[.]binarycookies")
+ (literal "/")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/MobileAsset")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/ptmx")
+ (literal "/private/var/root/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/VoiceServices/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AssetCacheLocator.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Assets")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/root/Library/Caches/mobileassetd/" #"^/private/var/root/Library/Caches/mobileassetd$")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/VoiceServices")
+ (subpath "/AppleInternal/Library/PreinstalledAssets")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (literal "/dev/random")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.mobilegestalt.plist")
+ (regex #"^/private/var/root/Library/Preferences/com[.]apple[.]MobileAsset[.]plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+")
+ (subpath-prefix "${HOME}")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/mobileassetd/" #"^/private/var/mobile/Library/Caches/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/VoiceServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (regex #"^/private/var/root/Library/Caches/mobileassetd/" #"^/private/var/root/Library/Caches/mobileassetd$")
+ (regex #"^/private/var/root/Library/Cookies$" #"^/private/var/root/Library/Cookies/Cookies[.]binarycookies")
+ (subpath "/private/var/MobileAsset")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/VoiceServices/Assets")
+ (regex #"^/private/var/root/Library/Preferences/com[.]apple[.]MobileAsset[.]plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Assets")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/mobileassetd/" #"^/private/var/mobile/Library/Caches/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+")
+ (subpath-prefix "${HOME}")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd/" #"^/private/var/root/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/mobileassetd$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal "/private/var/root/Library/Caches"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.AssetCacheLocatorService")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.cache_delete")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.AssetCacheLocator")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.MobileAsset"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-sched)
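Review bot: This reference profile contains clauses that cannot match as written: under both `allow file-read*` and `allow file-write*`, a `require-all` lists `(vnode-type BLOCK-DEVICE)` together with `(vnode-type CHARACTER-DEVICE)`, and a vnode has only one type. That looks like the decompiler mis-recovering the boolean structure rather than what the compiled profile enforces (an inference, since the binary input is not readable here), and the `require-any` groups that alternate `require-entitlement` with a repeated `regex` look like the same flattening. Because this file is the expected output for the test, a passing comparison shows only that the output is unchanged, not that it is a faithful policy; I would record that next to the references, for example a README line such as `Reference profiles are regression snapshots of the tool's output, not verified policy, and may contain clauses that cannot match.` The same block/character pair also appears in the preceding profile's hunk, which starts outside this view.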
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobileassetd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobileassetd.sb.xml
new file mode 100644
index 00000000..feb04958
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/mobileassetd.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomaild.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomaild.sb
new file mode 100644
index 00000000..0a12bdf9
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomaild.sb
@@ -0,0 +1,422 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoMailKitClient.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/dev/random")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (subpath-prefix "${HOME}/Library/NanoMailKit")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoMail.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal-prefix "${HOME}/Library/Caches")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoMailKitClient.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Library/NanoMailKit")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nanomaild$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.NanoMailKitClient")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.NanoMail")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.NanoMailKitClient"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
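Review bot: The `file-read*` rule in this reference contains a `require-all` that lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` ahead of a `require-any` of literals such as `"/private/etc/hosts"`, and no vnode can satisfy both types at once. The same pair appears under `file-write*` with the `interactionC.db-journal` prefix. As written these filters can never match, so the reference presumably pins a reversing artifact (a lost negation or `require-any`) rather than the compiled policy. Anyone auditing nanomaild's file access from this output would be misled. If the file must stay byte-identical to the tool's output, record the deviation beside the reference, e.g. `; known reverser artifact: BLOCK-DEVICE and CHARACTER-DEVICE under one require-all cannot both hold`, so the test is not read as ground truth for the sandbox.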
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomaild.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomaild.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomaild.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapscd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapscd.sb
new file mode 100644
index 00000000..2519f062
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapscd.sb
@@ -0,0 +1,616 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-nanomapscd.log")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.sandbox.executable")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapsSupport.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.companionsync.plist")
+ (literal "/dev/aes_0")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/random")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/dev/null")
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]maps[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]private[.]alloy[.]maps[.]sync[.]syncCoordinator" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]private[.]alloy[.]maps[.]sync[.]syncCoordinator")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapsSupport.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-nanomapscd.log")
+ (subpath "/private/var/tmp")
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Maps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]maps[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]private[.]alloy[.]maps[.]sync[.]syncCoordinator" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]private[.]alloy[.]maps[.]sync[.]syncCoordinator")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s/")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-owner
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.Maps.SpringBoard")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.Maps.gsEvents")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.Maps.IPC")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.routined.registration")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.MapsSupport")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.companionsync")
+ (preference-domain "com.apple.marco")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.MapsSupport"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapscd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapscd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapscd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapsgd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapsgd.sb
new file mode 100644
index 00000000..7bfa8ea4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapsgd.sb
@@ -0,0 +1,543 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-nanomapsgd.log")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Maps")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath "/Developer")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath "/Applications/NanoMaps.app")
+ (literal-prefix "${HOME}/Library/MapsHistory.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoMaps.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.companionsync.plist")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal "/dev/null")
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]maps[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Maps")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-nanomapsgd.log")
+ (literal-prefix "${HOME}/Library/MapsHistory.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoMaps.plist")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (subpath-prefix "${HOME}/Library/Logs/CompanionSync/TransportLogs")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync/TransportLogs")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-wal")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-shm")
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db-journal")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/nms[.]com[.]apple[.]private[.]alloy[.]maps[.]sync" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync/(nms[.])?com[.]apple[.]private[.]alloy[.]maps[.]sync")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]NanoMaps$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]NanoMaps$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoMaps/" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/PairedSyncServiceRestrictions/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/(NanoMap|PairedSyncServiceRestriction)s/")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/CompanionSync")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Logs/CompanionSync/statistics.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-owner
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/CompanionSync$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.idsremoteurlconnectionagent.embedded.auth")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.companionsync")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.NanoMaps")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.NanoMaps"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
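Review bot: This reference profile records filter combinations that can never match, so it works as a regression baseline for the decompiler but not as a verified copy of the original policy. In `file-read*` the block starting `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any (literal "/private/etc/hosts")` requires two different vnode types at once, and `file-write*` has the same pair guarding `interactionC.db-journal`; a negation was probably lost when the filter graph was reconstructed, though the original profile is not visible here. The four `regex` lines that open `file-issue-extension` are also just two rules, each repeated. Anyone reading these files to judge what nanomapsgd may access should not take them at face value, so I would say so in the fixture, for example with `;; Baseline of reverse-sandbox output; known-inexact (vnode-type require-all, duplicated filters), not ground truth.` as the first line, or in the tests README if the harness compares files byte for byte.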
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapsgd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapsgd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nanomapsgd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/navd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/navd.sb
new file mode 100644
index 00000000..cd3fc633
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/navd.sb
@@ -0,0 +1,532 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/null")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (subpath-prefix "${HOME}/Library/Caches/GeoServices")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/dev/ptmx")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapsSupport.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]MapsSupport" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]MapsSupport" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]MapsSupport")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapsSupport.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (subpath-prefix "${HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath "/private/var/tmp")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]MapsSupport" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]MapsSupport" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]MapsSupport")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]MapsSupport$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.routined.registration")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.MapsSupport")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
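Review bot: The `require-all` groups under `file-read*` and `file-write*` that list both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` cannot match as written, because a vnode has exactly one type, so the `/private/etc/hosts`, `/private/etc/passwd` and `CoreDuet/People` entries nested under them would never be allowed. The same file emits explicit negation in `file-write-data` (`(require-not (literal "/dev/random"))`), so these two filters have presumably lost a `require-not` during reversing; that is an inference from the output, not something the hunk shows. If so, committing this text as a reference pins the wrong policy in the test, and anyone reading it to judge what navd can reach will be misled. Please check both groups against the compiled profile and either regenerate the reference with `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, or record the deviation as a known limitation next to the fixture.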
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/navd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/navd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/navd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/network-filter.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/network-filter.sb
new file mode 100644
index 00000000..56d89a0e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/network-filter.sb
@@ -0,0 +1,296 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.executable")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.application-group")
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
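Review bot: The `file-read*` rule in this reference puts `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` side by side in one `require-all` that guards literals such as `"/private/etc/passwd"`; no vnode is both types, so the clause as written can never match. The `file-write*` rule in the same file writes the equivalent guard as `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, which suggests the negation was lost during reversing rather than being absent from the compiled profile. Committing this as expected output pins that behaviour in the test and misleads anyone auditing the reversed profile about which paths are readable. The same un-negated form appears in nfcd.sb, in both `file-read*` and `file-write*`. Either regenerate the references once negation handling is fixed, or record the known deviation next to the test.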
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/network-filter.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/network-filter.sb.xml
new file mode 100644
index 00000000..bc9a832f
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/network-filter.sb.xml
@@ -0,0 +1,32 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nfcd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nfcd.sb
new file mode 100644
index 00000000..05f9ca0c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nfcd.sb
@@ -0,0 +1,314 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/tty.stockholm")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0"))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-nfcd.log")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.awd.plist")
+ (subpath "/System/Library")
+ (literal "/dev/tty.stockholm")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Duet.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Logs/AppleSSE.log")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/usr/libexec/nfcd")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/nfcd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/NearField" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/NearField")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Library/Logs/AppleSSE.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.awd.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/nfcd.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-nfcd.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/NearField" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/NearField")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd")))
+(allow file-write-data
+ (literal "/dev/tty.stockholm")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleCredentialManagerUserClient")
+ (iokit-user-client-class "AppleStockholmControlUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "AppleSSEUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (control-name "com.apple.uart.stockholm")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.Duet")
+ (preference-domain "com.apple.stockholm.awd")
+ (preference-domain "com.apple.stockholm")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "nfcd")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.stockholm")
+ (preference-domain "nfcd")
+ (preference-domain "com.apple.stockholm.awd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket
+ (socket-domain AF_SYSTEM))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nfcd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nfcd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nfcd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nlcd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nlcd.sb
new file mode 100644
index 00000000..4a4afac1
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nlcd.sb
@@ -0,0 +1,68 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.pfd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nlcd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nlcd.sb.xml
new file mode 100644
index 00000000..c8ed3bf5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nlcd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nointernet.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nointernet.sb
new file mode 100644
index 00000000..600155c5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nointernet.sb
@@ -0,0 +1,6 @@
+(version 1)
+(allow default)
+(deny network*
+ (local ip "*:*"))
+(deny network-outbound
+ (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nointernet.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nointernet.sb.xml
new file mode 100644
index 00000000..fa56c88d
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nointernet.sb.xml
@@ -0,0 +1,20 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlsessiond.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlsessiond.sb
new file mode 100644
index 00000000..8cea1cdb
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlsessiond.sb
@@ -0,0 +1,569 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.nsurlsessiond")
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/usr/share")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/db/timezone")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (require-all
+ (require-not (subpath "/private/var/logs/MobileLibraryLogs"))
+ (require-not (subpath "/private/var/logs/MobileMediaFactoryLogs"))
+ (require-not (subpath "/private/var/logs/WirelessLibraryLogs"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/com.apple.nsurlsessiond")
+ (subpath-prefix "${HOME}/Media/Downloads")
+ (literal "/usr/libexec")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.nsurlsessiond")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Duet.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.nsurlsessiond")
+ (subpath "/private/var/tmp")
+ (literal "/usr/libexec/nsurlsessiond")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nsurlsessiond.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (require-any
+ (extension "com.apple.nsurlsessiond.readonly")
+ (require-all
+ (regex #"^/private/var/mobile/Library/com[.]apple[.]nsurlsessiond/[^/]+/[^/]+/Uploads/" #"^/private/var/euser[0-9]+/Library/com[.]apple[.]nsurlsessiond/[^/]+/[^/]+/Uploads/")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.nsurlsessiond" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.nsurlsessiond")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.coremedia"))
+ (require-any
+ (literal "/dev/random")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (require-not (subpath "/private/var/logs/MobileLibraryLogs"))
+ (require-not (subpath "/private/var/logs/MobileMediaFactoryLogs"))
+ (require-not (subpath "/private/var/logs/WirelessLibraryLogs"))
+ (require-any
+ (subpath-prefix "${HOME}/Media/Downloads")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.nsurlsessiond")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.nsurlsessiond")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nsurlsessiond.plist")
+ (subpath-prefix "${HOME}/Library/com.apple.nsurlsessiond")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Shared/AppGroup/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond" #"^/private/var/euser[0-9]+/Containers/Shared/AppGroup/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/com[.]apple[.]nsurlsessiond")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]nsurlsessiond$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.nsurlsessiond" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/com.apple.nsurlsessiond")
+ (subpath-prefix "${HOME}")))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (require-any
+ (extension "com.apple.nsurlsessiond.readonly")
+ (require-all
+ (regex #"^/private/var/mobile/Library/com[.]apple[.]nsurlsessiond/[^/]+/[^/]+/Uploads/" #"^/private/var/euser[0-9]+/Library/com[.]apple[.]nsurlsessiond/[^/]+/[^/]+/Uploads/")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (require-any
+ (extension "com.apple.nsurlsessiond.readonly")
+ (require-all
+ (regex #"^/private/var/mobile/Library/com[.]apple[.]nsurlsessiond/[^/]+/[^/]+/Uploads/" #"^/private/var/euser[0-9]+/Library/com[.]apple[.]nsurlsessiond/[^/]+/[^/]+/Uploads/")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.coreduetd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.coremedia.assetdownloader")
+ (global-name "com.apple.trustd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (require-not (global-name "com.apple.CARenderServer"))
+ (require-any
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.logger")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.Duet")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.nsurlsessiond")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.nsurlsessiond"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
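Review bot: This reference profile pins filter combinations that cannot match as written. In the `file-read*` rule a `require-all` lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` ahead of literals such as `/private/etc/passwd`, and the same pair guards `interactionC.db-journal` under `file-write*`. A vnode has a single type, so these look like reversal artefacts (possibly a negated or any-of node rendered as all-of) rather than the rule the kernel enforces. The `require-any` groups that interleave the two system-group entitlements with the same regex twice look like a flattened pair of `require-all` clauses. If the tests compare tool output against this file, those artefacts become expected behaviour, so I would record them in a note kept beside the references, e.g. `nsurlsessiond.sb: require-all with two vnode-type filters is unsatisfiable; reversal suspect, do not treat as ground truth`.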
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlsessiond.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlsessiond.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlsessiond.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlstoraged.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlstoraged.sb
new file mode 100644
index 00000000..679836f5
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlstoraged.sb
@@ -0,0 +1,384 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nsurlstoraged.plist")
+ (literal-prefix "${HOME}/Containers")
+ (subpath "/usr/libexec")
+ (literal-prefix "${HOME}")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Applications")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (literal "/dev/random")
+ (extension "com.apple.nsurlstorage.extension-cache")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/containers")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.nsurlstorage.extension-cache")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nsurlstoraged.plist")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.nsurlstoraged")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.nsurlstoraged"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
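Review bot: The `require-all` blocks in `file-read*` and `file-write*` that list both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` cannot be satisfied by any single vnode. As written, the `/private/etc/passwd`, `/private/etc/hosts`, `/` and CoreDuet branches nested under them would never match. This looks like a dropped negation or a mis-rebuilt `require-any` in the reversed output rather than the real policy (inferred, since the compiled profile is not visible here). Committing it as a golden reference makes the test assert that output, and a reader treating the file as ground truth would get the wrong picture of what the daemon can reach. The same construct appears in the `online-auth-agent.sb` reference in this commit. I would either fix the reconstruction before freezing the references, or record next to them that they capture current tool output and are not a verified policy, e.g. a README line such as `rev_profiles/*.sb are regression snapshots of reverse-sandbox output; the vnode-type require-all blocks are known to be suspect`.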
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlstoraged.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlstoraged.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/nsurlstoraged.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/online-auth-agent.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/online-auth-agent.sb
new file mode 100644
index 00000000..2ce04dff
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/online-auth-agent.sb
@@ -0,0 +1,304 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Bundle")
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/etc/master.passwd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (subpath "/private/var/MobileDevice")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/MobileDevice")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAESAcceleratorUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote ip "*:*")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/online-auth-agent.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/online-auth-agent.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/online-auth-agent.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/passd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/passd.sb
new file mode 100644
index 00000000..1e7ab80c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/passd.sb
@@ -0,0 +1,786 @@
+(version 1)
+(deny default)
+(allow distributed-notification-post)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.biometrickitd.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Passbook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (subpath-prefix "${HOME}/Library/Passes")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/dev/random")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.pep.configuration.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AdLib.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/PassKit")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.passd.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.LocalAuthentication.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal "/dev/null")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.purplebuddy.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ConfigServer.plist")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]passd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]passd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]passd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode)))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.passd.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Passbook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/kCFPreferencesAnyApplication.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Passes")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.pep.configuration.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath-prefix "${HOME}/Library/Caches/PassKit")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]passd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]passd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]passd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]passd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "AppleJPEGDriverUserClient"))
+(allow iokit-set-properties
+ (iokit-property "reportStatusMessages"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.seld.tsmmanager")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.nfcd.hwmanager")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.CoreAuthentication.daemon")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.seld")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nfcd")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.biometrickitd")
+ (global-name "com.apple.trustd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (require-not (global-name "com.apple.pluginkit.pkd"))
+ (require-any
+ (global-name "com.apple.AdSheetPhone.analytics")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.passes.usage")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.icloud.findmydeviced")
+ (global-name "com.apple.cloudd")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.springboard.carditemscontroller")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.AdLib")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.ConfigServer")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.purplebuddy")
+ (preference-domain "com.apple.stockholm")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.passd")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.Passbook")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.biometrickitd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.LocalAuthentication")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.stockholm")
+ (preference-domain "com.apple.Passbook")
+ (preference-domain "com.apple.passd")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/passd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/passd.sb.xml
new file mode 100644
index 00000000..b8d494ee
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/passd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/pfd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/pfd.sb
new file mode 100644
index 00000000..a2d5429e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/pfd.sb
@@ -0,0 +1,160 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/pfm")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0"))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (literal "/dev/pfm")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write-data
+ (literal "/dev/pfm")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow iokit-get-properties)
+(allow ipc-posix-shm-read-data
+ (ipc-posix-name "apple.shm.notification_center"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
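Review bot: The `file-write-data` rule in this reference puts `(literal "/dev/random")` and `(literal "/dev/urandom")` in the same `require-all`, which no single path can satisfy. The printd.sb reference added by this commit renders the same filter as `(require-not (literal "/dev/random"))` and `(require-not (literal "/dev/urandom"))`, so the negation appears to have been dropped here. The `file-read*` rule has the same shape, with `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` side by side in one `require-all`, and the same pair shows up in the printd.sb hunk. Because this file is the expected output for the test, a lost `require-not` would pin a profile that reads as narrower than what the compiled policy probably enforces. I would check these nodes against the binary profile and regenerate the reference before relying on it.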
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/pfd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/pfd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/pfd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/printd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/printd.sb
new file mode 100644
index 00000000..35e4d9c7
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/printd.sb
@@ -0,0 +1,459 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/System/Library")
+ (subpath-prefix "${HOME}/Library/com.apple.printd")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.printd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/run/printd")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/run/printd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.printd.plist")
+ (subpath-prefix "${HOME}/Library/com.apple.printd")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]printd$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "AppleJPEGDriverUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.notificationcenter.widgetcontrollerconnection")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "platform-application")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private")))
+(allow network-inbound
+ (local tcp "*:*"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/mDNSResponder")
+ (literal "/private/var/run/syslog")
+ (remote tcp "*:*")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.printd")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.printd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/printd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/printd.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/printd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ptpd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ptpd.sb
new file mode 100644
index 00000000..154e16e3
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ptpd.sb
@@ -0,0 +1,239 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${HOME}/Media")
+ (literal-prefix "${HOME}/Library/Logs/ptpd.log")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Photos")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ImageCaptureFramework.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (regex #"^/private/var/mobile" #"^/private/var/euser[0-9]+")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ImageCaptureFramework.plist")
+ (subpath-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs/Photos")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Media")
+ (literal-prefix "${HOME}/Library/Logs/ptpd.log")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/syslog"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.ImageCaptureFramework")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.ImageCaptureFramework")
+ (preference-domain "com.apple.mobileslideshow"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
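Review bot: The reference pins a filter that can never match: in `file-read*` (and again in `file-write*`) a `require-all` lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)`, yet a vnode has a single type and the guarded paths such as `/private/etc/hosts` are regular files. This looks like a negation lost by the reverser, presumably `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, and the same clause appears in the printd.sb reference above. Checking this in as expected output makes the test assert the artifact, and a reader using the profile to judge what ptpd may read would wrongly conclude that these paths are unreachable. Either regenerate the reference once the reverser is corrected or record the known inaccuracy next to the references. The flat `require-any` that interleaves `require-entitlement` and `regex` under `com.apple.sandbox.system-group` likely has the same origin and deserves the same check.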
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ptpd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ptpd.sb.xml
new file mode 100644
index 00000000..7f2c4ab6
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/ptpd.sb.xml
@@ -0,0 +1,43 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/quicklookd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/quicklookd.sb
new file mode 100644
index 00000000..70f9b816
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/quicklookd.sb
@@ -0,0 +1,1151 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (extension-class "com.apple.quicklook.readonly")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath "/private/var/tmp/MediaCache")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath "/private/var/tmp")
+ (require-any
+ (extension-class "com.apple.app-sandbox.read")
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension-class "com.apple.mediaserverd.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.quicklook.readonly")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.medialibrary.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.quicklook.quicklookd.plist")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.homesharing.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (extension "com.apple.sandbox.executable")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/AppleInternal/Library/Frameworks/TypologyRecording.framework")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.quicklook.readonly")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (subpath "/usr/lib")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (require-all
+ (require-not (subpath "/System/Library/Carrier Bundles"))
+ (require-not (subpath-prefix "${HOME}/Library/Carrier Bundles"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (subpath "/private/var/tmp/MediaCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.plist")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.keyboard.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/Library/Dictionaries")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebKit.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.IconsCache")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.preferences.sounds.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.SpeakSelection.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]quicklook[.]quicklookd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.aggregated.plist")
+ (literal-prefix "${HOME}/Library/Caches/DateFormats.plist")
+ (extension "com.apple.app-sandbox.read")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal "/com.apple.xpc.launchd.bootstrap.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MapKit.internal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreMotion.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iapd.plist")
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.UIStatusBar")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.assistant.support.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mt.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (subpath "/AppleInternal/Library/Frameworks/RadarCompose.framework")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreanimation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.da.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.itunesstored/url-resolution.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (subpath-prefix "${HOME}/Library/VoiceServices/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath-prefix "${HOME}/Library/Dictionaries")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.telephonyutilities.dialassist.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.voiceservices.plist")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataAccess.BehaviorOptions.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.videos.plist")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.InputModePreferences.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebUI.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/null")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.VoiceOverTouch.plist")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]quicklook[.]quicklookd[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]quicklook[.]quicklookd[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath "/private/var/containers/Data/System/com.apple.ondemandd/Library/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]quicklook[.]quicklookd[.]plist" #"^/private/var/mobile/Library/SyncedPreferences/com[.]apple[.]quicklook[.]quicklookd-.+[.]plist" #"^/private/var/euser[0-9]+/Library/SyncedPreferences/com[.]apple[.]quicklook[.]quicklookd-.*[.]plist")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/OnDemandResources/AssetPacks")
+ (extension "com.apple.odr-assets"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/[.]GlobalPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-read-metadata)
+(allow file-read-xattr
+ (literal-prefix "${HOME}/Library/Caches"))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.quicklook.quicklookd.plist")
+ (subpath "/private/var/tmp/MediaCache")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb-journal")
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (subpath-prefix "${HOME}/Library/WebKit")
+ (subpath-prefix "${HOME}/Library/WebClips")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.youtubeframework.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (subpath-prefix "${HOME}/Media/Safari")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.springboard.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/DateFormats.plist"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.EmojiPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Preferences.plist")
+ (subpath-prefix "${HOME}/Library/Caches/com.apple.keyboards")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.dataaccess.launchd")
+ (literal-prefix-regex "${HOME}/Library/Preferences/com[.]apple[.]quicklook[.]quicklookd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaaccessibility.public.plist")
+ (extension "com.apple.app-sandbox.read-write")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Keyboard/LocalDictionary")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]quicklook[.]quicklookd[.]savedState/" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]quicklook[.]quicklookd[.]savedState/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (regex #"^/private/var/mobile/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings$" #"^/private/var/mobile/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings/" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings$" #"^/private/var/euser[0-9]+/Documents/com[.]apple[.]quicklook[.]quicklookd[.]settings/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd-" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/mobile/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd$" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd-" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd/" #"^/private/var/euser[0-9]+/Library/Caches/Snapshots/com[.]apple[.]quicklook[.]quicklookd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/WebKit/Databases"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.Accessibility.plist"))
+ (require-not (literal-prefix "${HOME}/Library/Preferences/com.apple.UIKit.plist"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/Snapshots"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Saved Application State/com[.]apple[.]quicklook[.]quicklookd[.]savedState" #"^/private/var/euser[0-9]+/Library/Saved Application State/com[.]apple[.]quicklook[.]quicklookd[.]savedState")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Saved Application State"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches/com.apple.DictionaryServices")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/MediaLibrary.sqlitedb")
+ (literal-prefix "${HOME}/Library/WebKit/Databases/Databases.db")
+ (literal-prefix "${HOME}/Library/WebKit/LocalStorage/StorageTracker.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "IOAccelDevice2")
+ (iokit-user-client-class "IOAccelSharedUserClient2")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOAccelContext")
+ (iokit-user-client-class "IOAccelSharedUserClient")
+ (iokit-user-client-class "IOSurfaceAcceleratorClient")
+ (iokit-user-client-class "IOAccelDevice")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOAccelSubmitter2")
+ (iokit-user-client-class "AppleJPEGDriverUserClient")
+ (iokit-user-client-class "IOAccelContext2"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.medialibraryd.xpc")
+ (global-name "com.apple.mediaserverd")
+ (global-name "PurpleSystemAppPort")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.coremedia.mutablecomposition")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (local-name "com.apple.iphone.axserver")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.coremedia.asset")
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (require-not (global-name "com.apple.networkd"))
+ (require-any
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.WebBookmarks.webbookmarksd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.UIKit.KeyboardManagement")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.frontboard.workspace")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name-regex #"^com[.]apple[.]uikit[.]viewservice[.].+")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.backboard.animation-fence-arbiter")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.UIKit.pasteboardd")
+ (global-name "ScripterServer")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "UIASTNotificationCenter")
+ (global-name "com.apple.UIKit.KeyboardManagement.hosted")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.uikit.GestureServer")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.webfilterd")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.assertiond.extension")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.TextInput.lexicon-server")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.airplaydiagnostics.server")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.iohideventsystem")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.TextInput")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.TextInput.rdt")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.ondemandd.client")
+ (local-name-regex #"^com[.]apple[.]assistant[.]contextprovider[.]")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.assistant.dictation")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.gpumemd.source")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.TextInput.shortcuts")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.backboard.hid.services")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.dictationd.recognition")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.accessibility.gax.backboard")
+ (global-name "com.apple.backboard.TouchDeliveryPolicyServer")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.voiceservices.keepalive")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.safarifetcherd")
+ (global-name "com.apple.voiceservices.tts")
+ (global-name "com.apple.assistant.settings")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.assertiond.expiration")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.sharingd.nsxpc")
+ (global-name "com.apple.cvmsServ")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.iphone.axserver-systemwide")
+ (global-name "com.apple.audio.AURemoteIOServer")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.sharingd")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (require-all
+ (global-name "com.apple.springboard.statusbarservices")
+ (require-entitlement "com.apple.springboard.statusbarstyleoverrides"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/lockdown.sock")
+ (literal "/private/var/run/mDNSResponder")
+ (literal "/private/var/run/printd")
+ (literal "/private/var/run/syslog")
+ (control-name "com.apple.network.statistics")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.homesharing")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.keyboard")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.mt")
+ (preference-domain "com.apple.assistant.support")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.MapKit.internal")
+ (preference-domain "com.apple.voiceservices")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.WebKit")
+ (preference-domain ".GlobalPreferences")
+ (preference-domain "com.apple.preferences.sounds")
+ (preference-domain "com.apple.mediaaccessibility")
+ (preference-domain "com.apple.telephonyutilities.dialassist")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.SpeakSelection")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.CoreMotion")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.coreanimation")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.iapd")
+ (preference-domain "com.apple.da")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.WebUI")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.medialibrary")
+ (preference-domain "com.apple.DataAccess.BehaviorOptions")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.assistant")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.InputModePreferences")
+ (preference-domain "com.apple.quicklook.quicklookd")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.videos")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.aggregated")
+ (preference-domain "com.apple.VoiceOverTouch")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.quicklook.quicklookd")
+ (preference-domain "com.apple.mediaaccessibility.public")
+ (preference-domain "com.apple.Preferences")
+ (preference-domain "com.apple.EmojiPreferences")
+ (preference-domain "com.apple.youtubeframework")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/quicklookd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/quicklookd.sb.xml
new file mode 100644
index 00000000..c3c699a4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/quicklookd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/racoon.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/racoon.sb
new file mode 100644
index 00000000..1289c178
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/racoon.sb
@@ -0,0 +1,120 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (literal "/dev/aes_0")
+ (literal "/dev/sha1_0")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.ipsec.plist")
+ (subpath "/private/etc/racoon")
+ (subpath "/private/var/run/racoon")
+ (literal "/dev/dtracehelper")
+ (literal "/private/etc/master.passwd"))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/aes_0")
+ (literal "/dev/sha1_0")
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (subpath "/private/var/Managed Preferences/mobile")
+ (literal "/dev/dtracehelper")
+ (subpath "/private/var/root")
+ (literal "/Library/Managed Preferences/mobile")
+ (literal "/private/var/db/icu")
+ (literal "/private/var/run/racoon.sock")
+ (literal "/private/etc/master.passwd")
+ (subpath "/usr/share")
+ (subpath "/private/etc/racoon")
+ (literal "/private/var/run/racoon.pid")
+ (subpath "/private/var/preferences")
+ (literal "/dev/null")
+ (subpath "/private/var/run/racoon")
+ (literal "/dev/zero")
+ (literal "/Library/Preferences")
+ (subpath "/private/var/db/timezone")
+ (literal "/private/var/log/racoon.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal "/Library/Managed Preferences")
+ (require-all
+ (file-mode #o0004)
+ (require-any
+ (subpath "/System")
+ (subpath "/usr/lib")
+ (subpath "/usr/sbin")
+ (subpath "/usr/share")))
+ (require-all
+ (file-mode #o0004)
+ (require-any
+ (subpath "/System")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (subpath "/private/var/db/dyld"))))
+(allow file-read-metadata
+ (literal "/etc")
+ (literal "/tmp")
+ (literal "/var")
+ (literal "/private/etc/localtime"))
+(allow file-write*
+ (literal "/private/var/run/racoon.sock")
+ (literal "/private/var/run/racoon.pid")
+ (literal "/private/var/log/racoon.log")
+ (require-all
+ (regex #"^/cores/")
+ (require-not (file-mode #o0000))))
+(allow file-write-data
+ (literal "/dev/aes_0")
+ (literal "/dev/sha1_0")
+ (literal "/dev/zero")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null"))
+(allow iokit-open
+ (iokit-user-client-class "AppleMobileFileIntegrityUserClient")
+ (iokit-user-client-class "RootDomainUserClient"))
+(allow iokit-get-properties)
+(allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^apple[.]shm[.]cfprefsd[.]"))
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.system.DirectoryService.libinfo_v1")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (local-name "com.apple.cfprefsd.agent"))
+(allow network*
+ (local udp "*:500")
+ (local udp "*:4500")
+ (remote udp "*:*")
+ (literal "/private/var/run/racoon.sock"))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (control-name "com.apple.net.ipsec_control")
+ (literal "/private/var/run/syslog")
+ (literal "/private/var/run/asl_input"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow sysctl*)
+(allow sysctl-read)
+(allow sysctl-write)
+(allow system-privilege)
+(allow system-socket)
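Review bot: Nothing in this reference profile marks it as decompiler output, and several rules it pins look like artifacts of the reversing step rather than deliberate policy. The two `(require-all (file-mode #o0004) …)` groups under `file-read*` overlap almost entirely, `(subpath "/usr/share")` is already granted unconditionally a few lines earlier, and `nvram*`, `process-info*` and `sysctl*` are each followed by every one of their sub-operations. The unfiltered `(allow nvram*)` and `(allow system-privilege)` lines also appear in the quicklookd profile earlier in this diff, so they may be a default the tool emits rather than something specific to racoon; that is an inference from the two profiles visible here. A test against this file therefore shows only that the output is stable, not that it matches the compiled profile. I would add a header comment such as `;; golden output of reverse-sandbox for inputs/sandbox.kext; not hand-verified against the compiled profile`, or put the same sentence in the test directory's documentation if the comparison is byte-exact.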
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/racoon.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/racoon.sb.xml
new file mode 100644
index 00000000..7c41e086
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/racoon.sb.xml
@@ -0,0 +1,42 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/replayd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/replayd.sb
new file mode 100644
index 00000000..5bab0d0a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/replayd.sb
@@ -0,0 +1,355 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/Applications")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/usr/libexec")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/containers/Bundle/Application")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOSurfaceSendRight"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.audio.AudioQueueServer")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.backboard.display.services")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.coremedia.virtualdisplaysession")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.coremedia.audiodeviceclock")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.ctkd.token-client")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.system.libinfo.muser")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.corevideo")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/replayd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/replayd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/replayd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/reversetemplated.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/reversetemplated.sb
new file mode 100644
index 00000000..d2c4918a
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/reversetemplated.sb
@@ -0,0 +1,197 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/System/Library")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.suggestions.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreSuggestions.MobileAssets.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.webinspector")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.CoreSuggestions.MobileAssets")
+ (preference-domain "com.apple.suggestions")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
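Review bot: The `file-read*` filter that begins `(require-all (vnode-type BLOCK-DEVICE) (vnode-type CHARACTER-DEVICE) (require-any (literal "/private/etc/hosts") …` can never match as written, because a vnode has exactly one type, so this reference pins output that cannot be what the compiled profile enforces. The likely cause is that the reverser dropped a negation on the two `vnode-type` filters, though that is inferred; revisiond.sb in this commit does emit `require-not` under `file-write-data`, so the form is supported. The same pair appears in revisiond.sb under `file-write*` and in the profile whose hunk ends just above this file. Until the reverser is corrected I would record it beside the references, for example `; known inaccuracy: the vnode-type pair is presumably negated in the compiled profile`, so that nobody auditing these profiles reads the clause as a real rule or takes a passing test as proof of a faithful reversal.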
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/reversetemplated.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/reversetemplated.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/reversetemplated.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/revisiond.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/revisiond.sb
new file mode 100644
index 00000000..6babb37b
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/revisiond.sb
@@ -0,0 +1,271 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.revisiond.staging")
+ (regex #"^/private/var/[.]DocumentRevisions-V100/" #"^/private/var/[.]DocumentRevisions-V100$" #"^/private/var/[.]DocumentRevisions-V100-bad-[0-9]+/" #"^/private/var/[.]DocumentRevisions-V100-bad-[0-9]+$"))
+ (require-all
+ (extension-class "com.apple.revisiond.revision")
+ (regex #"^/private/var/[.]DocumentRevisions-V100/" #"^/private/var/[.]DocumentRevisions-V100$" #"^/private/var/[.]DocumentRevisions-V100-bad-[0-9]+/" #"^/private/var/[.]DocumentRevisions-V100-bad-[0-9]+$"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/[.]DocumentRevisions-V100/" #"^/private/var/[.]DocumentRevisions-V100$" #"^/private/var/[.]DocumentRevisions-V100-bad-[0-9]+/" #"^/private/var/[.]DocumentRevisions-V100-bad-[0-9]+$")
+ (subpath "/private/var/log/com.apple.revisiond")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-fsctl
+ (fsctl-command (_IO "h" 13))
+ (fsctl-command (_IO "h" 24))
+ (fsctl-command (_IO "h" 31))
+ (fsctl-command (_IO "h" 32))
+ (fsctl-command (_IO "h" 30)))
+(allow system-privilege)
+(allow system-sched)
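Review bot: The four bare `regex` filters at the top of `file-issue-extension` are two byte-identical pairs, and unlike every other entry in that clause they carry no `extension-class`. As written they would allow issuing an extension of any class for paths under `/private/var/containers/Data/System/`. That looks more like the reverser losing an enclosing `require-all` than like the real policy, although the reference alone cannot confirm it. It is worth comparing against the compiled profile before this file is frozen as expected output, and a note such as `; bare regex entries: extension-class context presumably lost in reversal` kept beside the reference would flag it for readers.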
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/revisiond.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/revisiond.sb.xml
new file mode 100644
index 00000000..e93d2bb4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/revisiond.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/routined.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/routined.sb
new file mode 100644
index 00000000..e679cb79
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/routined.sb
@@ -0,0 +1,654 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal/cache.db")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (subpath "/Applications")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/usr/libexec")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (subpath-prefix "${HOME}/Library/CoreDuet")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/CoreRoutineDiagnosticFiles")
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal/cache.db-journal")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/System")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-routined.log")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.]routined[.]plist")
+ (literal "/usr/libexec/routined")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath "/private/var/containers/Bundle")
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.routined")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal/cache.db-shm")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal/cache.db-wal")
+ (subpath "/Developer")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (subpath "/Library/Audio/Plug-Ins")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (subpath-prefix "${HOME}/Library/Assets")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.routined.plist")
+ (require-all
+ (subpath "/AppleInternal/Library")
+ (debug-mode))
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal "/dev/urandom")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/aes_0")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal "/dev/ptmx")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal "/private/var/run/syslog")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}")))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.routined.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.routined")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/CoreRoutineDiagnosticFiles")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.]routined[.]plist")
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal/cache.db-journal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-routined.log")
+ (subpath "/private/var/tmp")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]routined$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/DuetKnowledgeCollector/Internal/cache.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.navigationListener")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.Maps.mapspushd")
+ (global-name "com.apple.passd.usage")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.carkit.service")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.locationd.routine")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.coreduetd.knowledge")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coreduetd.knowledgebase")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (remote tcp "*:443")
+ (remote tcp "*:80")
+ (literal "/private/var/run/syslog")
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.routined")
+ (preference-domain "com.apple.stockholm")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.conference")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.routined")
+ (preference-domain "com.apple.PeoplePicker"))
+(allow process-exec*
+ (literal "/usr/bin/ditto"))
+(allow process-fork)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
+(allow system-socket)
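Review bot: The `require-all` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` inside `file-read*`, and again inside `file-write*`, cannot match as written. A vnode has a single type, and the paths listed under it, such as `/private/etc/hosts`, are regular files; this looks like a negation or a `require-any` lost during reconstruction, though only the compiled profile can confirm that. Committing the file as a reference pins this output as the expected result, so a later fix to the reverser will fail the test, and a reader using the file to judge what routined may access is misled in the meantime. Either regenerate it after checking the filter decoding, or record the limitation next to the references, e.g. `; known issue: vnode-type conjunctions are reversed output, not verified against the compiled profile`. The duplicated `regex` entries at the top of `file-issue-extension`, and the `nvram-delete`/`nvram-get`/`nvram-set` rules listed alongside `nvram*`, are redundant and could be deduplicated in the reverser output as well.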
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/routined.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/routined.sb.xml
new file mode 100644
index 00000000..49a8a1b2
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/routined.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/seld.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/seld.sb
new file mode 100644
index 00000000..4b18125b
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/seld.sb
@@ -0,0 +1,547 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/usr/libexec")
+ (literal "/dev/null")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/usr/libexec/seld")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.awd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.passbook.plist")
+ (subpath "/System/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.tsmreg.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.seld.seinfo.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.seld.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-seld.log")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/NearField" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/NearField")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]seld" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]seld" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]seld")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Logs/awd")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.seld.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.tsmreg.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.stockholm.awd.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.seld.seinfo.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Logs/awd/awd-seld.log")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]seld" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]seld" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]seld")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]seld$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/CrashReporter/DiagnosticLogs/NearField" #"^/private/var/euser[0-9]+/Library/Logs/CrashReporter/DiagnosticLogs/NearField")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/DiagnosticLogs"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/awd"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection"))))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "AppleSSEUserClient")
+ (iokit-user-client-class "RootDomainUserClient")
+ (iokit-user-client-class "AppleCredentialManagerUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nfcd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.nfcd.hwmanager")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.awdd")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged")))
+(allow mach-register
+ (global-name "com.apple.seld.aps")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.stockholm")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.passbook")
+ (preference-domain "com.apple.stockholm.awd")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.seld")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.stockholm.tsmreg")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.seld")
+ (preference-domain "com.apple.stockholm.awd")
+ (preference-domain "com.apple.stockholm.tsmreg")
+ (preference-domain "com.apple.stockholm"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
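Review bot: Two rules in this reference profile put `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` directly under one `require-all` (in `file-read*` ahead of the `/private/etc/hosts` group, and in `file-write*` ahead of `interactionC.db-journal`); a single vnode cannot be both types, so as written those branches grant nothing. That looks like a reconstruction artifact of the decompiler, presumably a dropped `require-not` or a `require-any`, rather than the shipped policy, and committing it as the expected output makes the test pin the artifact. If the comparison is byte-exact, record it as a known deviation next to the fixture rather than editing the file, e.g. `seld.sb: require-all of BLOCK-DEVICE and CHARACTER-DEVICE is unsatisfiable; suspected lost negation`. Anyone reading these references as the effective sandbox for seld should treat such rules as unverified.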
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/seld.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/seld.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/seld.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/sharingd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/sharingd.sb
new file mode 100644
index 00000000..1de1fc5b
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/sharingd.sb
@@ -0,0 +1,895 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (extension "com.apple.librarian.ubiquity-container")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Debug")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Memories")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/Photos")
+ (require-any
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension-class "com.apple.mediaserverd.read")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (subpath-prefix "${HOME}/Downloads/com.apple.AirDrop")
+ (extension-class "com.apple.mediaserverd.read"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath-prefix "${HOME}/Media/DCIM")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (extension-class "com.apple.mediaserverd.read")))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (subpath "/System/Library")
+ (literal "/usr/libexec")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.UIKit.plist")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.sharingd")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilenotes.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (subpath "/AppleInternal/Applications/Sharing.app")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (subpath-prefix "${HOME}/Library/Fonts")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.iokit.IOMobileGraphicsFamily.plist")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/EffectiveUserSettings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (subpath-prefix "${HOME}/Media/PhotoStreamsData")
+ (subpath-prefix "${HOME}/Library/Notes")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (extension "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (subpath "/Developer")
+ (subpath "/usr/share")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.sharingd.plist")
+ (subpath-prefix "${HOME}/Downloads/com.apple.AirDrop")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Library/Ringtones")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.eventkit.plist")
+ (subpath-prefix "${HOME}/Media/Recordings")
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/Ubiquity/genstore")
+ (extension "com.apple.librarian.ubiquity-revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Application Support/CloudDocs/session/r")
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.clouddocs.version"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.notes..+.lock$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.notes..+.lock$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/mobile/Library/UserConfigurationProfiles/EffectiveUserSettings.plist$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/EffectiveUserSettings.plist$")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/tmp")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.marco.plist")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.ids.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.conference.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (literal "/dev/aes_0")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]sharingd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]sharingd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]sharingd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing/")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/PerUID")
+ (extension "com.apple.revisiond.revision")))
+(allow file-read-metadata
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (literal-prefix "${HOME}/Downloads")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library")
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/PPTDevice")
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Media")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Mobile Documents")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Downloads"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Sharing.plist")
+ (subpath-prefix "${HOME}/Media/Memories")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Media/Debug")
+ (subpath-prefix "${HOME}/Media/Photos")
+ (subpath-prefix "${HOME}/Downloads/com.apple.AirDrop")
+ (subpath-prefix "${HOME}/Media/PhotoData")
+ (subpath-prefix "${HOME}/Library/Notes")
+ (subpath-prefix "${HOME}/Library/Logs/com.apple.sharingd")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.sharingd.plist")
+ (subpath-prefix "${HOME}/Media/Recordings")
+ (subpath-prefix "${HOME}/Media/DCIM")
+ (subpath "/private/var/tmp")
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]sharingd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]sharingd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]sharingd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]sharingd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/com[.]apple[.]sharing/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Mobile Documents")
+ (require-any
+ (extension "com.apple.librarian.ubiquity-container")
+ (require-entitlement "com.apple.private.librarian.container-proxy")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath "/private/var/.DocumentRevisions-V100/staging")
+ (extension "com.apple.revisiond.staging"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com.apple.notes..+.lock$" #"^/private/var/euser[0-9]+/Library/Caches/com.apple.notes..+.lock$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Media/MediaAnalysis")
+ (literal-prefix "${HOME}/Media/Memories")))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Downloads")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-flags
+ (literal-prefix "${HOME}/Downloads"))
+(allow file-write-mode
+ (literal-prefix "${HOME}/Downloads")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "IOMobileFramebufferUserClient")
+ (iokit-user-client-class "AppleKeyStoreUserClient")
+ (iokit-user-client-class "RootDomainUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.quicklook.ThumbnailsAgent")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.server.bluetooth")
+ (global-name "com.apple.marco")
+ (global-name "com.apple.librariand")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.FileProvider")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.MediaRemote.isrunning")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.MediaRemote.nowplayingserver")
+ (global-name "com.apple.bulletinboard.settingsconnection")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.identityservicesd.embedded.auth")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.NPKCompanionAgent.library")
+ (global-name "com.apple.ProgressReporting")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.MobileInternetSharing")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.apsd")
+ (global-name "com.apple.CARenderServer")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.wirelessproxd")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.wifi.manager")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.bird.token")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.passd.assertions")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.revisiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.voicememod.xpc")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.bird")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.vibrationmanagerd")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.coreservices.appleid.authentication")
+ (global-name "com.apple.MediaRemote.daemon")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.passd.library")
+ (global-name "com.apple.awdd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow network-outbound
+ (require-all
+ (require-not (regex #"^/private/tmp/launchd-[0-9]+[.][^/]+/sock$"))
+ (require-any
+ (literal "/private/var/run/mDNSResponder")
+ (control-name "com.apple.network.statistics")
+ (literal "/private/var/run/syslog")
+ (remote udp "*:*")
+ (remote tcp "*:*")
+ (control-name "com.apple.netsrc"))))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.ids")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.iokit.IOMobileGraphicsFamily")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.marco")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.eventkit")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.Sharing")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.UIKit")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.sharingd")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.mobilenotes")
+ (preference-domain "com.apple.logging")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.conference")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.Sharing")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.sharingd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/sharingd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/sharingd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/sharingd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/social-services.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/social-services.sb
new file mode 100644
index 00000000..589f2531
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/social-services.sb
@@ -0,0 +1,821 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (require-all
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.tcc.kTCCServicePhotos"))))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.logging.plist")
+ (subpath "/System/Library")
+ (subpath-prefix "${HOME}/Library/Social")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${HOME}/Media/iTunes_Control/iTunes/Ringtones.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.tencentweibo.xpc.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.weibo.xpc.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.vimeo.xpc.plist")
+ (literal-prefix "${HOME}/Library/Caches/Checkpoint.plist")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (literal-prefix "${HOME}/Media/Vibrations/UserGeneratedVibrationPatterns.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (subpath-prefix "${HOME}/Media/Purchases")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.demo-settings.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.camera.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.flickr.xpc.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.NanoRegistry.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.twitter.xpc.plist")
+ (subpath "/private/var/db/timezone")
+ (subpath-prefix "${HOME}/Media/iTunes_Control/Ringtones")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.pairedsync.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facebook.xpc.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.nanoprefsyncd.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath "/private/var/tmp")
+ (subpath "/Developer")
+ (subpath "/Library/Ringtones")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.springboard.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.twitterd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileslideshow.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/usr/share")
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media")
+ (extension "com.apple.avasset.read-only")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/syncInfo.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Sync/FaceAlbumThumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (subpath-prefix "${HOME}/Media/PhotoData/Metadata")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/NanoPreferencesSync/NanoDomains/com[.]apple[.]ToneLibrary$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-journal")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-shm")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Library/FairPlay"))
+ (require-not (literal "/usr/sbin/fairplayd"))
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath-prefix "${FRONT_USER_HOME}/Library/Caches/GeoServices")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/private/var/containers/Data/System/com.apple.geod")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/zero")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+/GeoServices/")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Photos.sqlite-wal")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-read-metadata
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (literal-prefix "${HOME}/Media")
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Media/PhotoData/Thumbnails")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.twitter.xpc.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.twitterd.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.vimeo.xpc.plist")
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.facebook.xpc.plist")
+ (subpath-prefix "${HOME}/Library/Social")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.tencentweibo.xpc.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.weibo.xpc.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.flickr.xpc.plist")
+ (subpath "/private/var/tmp")
+ (require-all
+ (require-not (subpath-prefix "${HOME}/Media"))
+ (require-not (literal-prefix "${HOME}/Library/Caches/GeoServices/tguid.bin"))
+ (require-any
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]facebook[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]flickr[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]tencentweibo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]twitter[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]vimeo[.]xpc$" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]weibo[.]xpc$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]((((f(acebook|lickr)|tencentweibo)|twitter)|vimeo)|weibo)[.]xpc$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${HOME}/Library/DeviceRegistry")
+ (require-all
+ (regex #"^/private/var/mobile/Library/DeviceRegistry/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Library/DeviceRegistry/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.pairedsyncd.syncstate")
+ (global-name "com.apple.nano.nanoregistry.paireddeviceregistry")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.nanomaps.xpc.GeoServices")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.assetsd.changehub")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.nanoprefsync")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SBUserNotification")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.accountsd.oauthsigner")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.PersistentURLTranslator.Gatekeeper")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.geod")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.vibrationmanagerd")
+ (global-name "com.apple.audio.SystemSoundServer-iOS")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.mobilecheckpoint.checkpointd")
+ (require-all
+ (global-name "com.apple.itunescloudd.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.springboard.backgroundappservices")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.videocompositor")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.fig.movie")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (global-name "com.apple.pegasus")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.admin")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")
+ (require-entitlement "com.apple.authkit.client.private")))
+ (require-all
+ (global-name "com.apple.coremedia.sandboxserver")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coremedia.remaker")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.audio.AudioSession")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.capturesource")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.mediaserverd")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coremedia.recorder")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.coremedia.asset")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (preference-domain "com.apple.NanoRegistry")
+ (preference-domain "com.apple.demo-settings")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "com.apple.twitterd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.camera")
+ (preference-domain "com.apple.corevideo")
+ (preference-domain "com.apple.logging")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.weibo.xpc")
+ (preference-domain "com.apple.pairedsync")
+ (preference-domain "com.apple.CoreDuet")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.flickr.xpc")
+ (preference-domain "com.apple.mobileslideshow")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.facebook.xpc")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.springboard")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.tencentweibo.xpc")
+ (preference-domain "com.apple.twitter.xpc")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.vimeo.xpc")
+ (preference-domain "com.apple.nanoprefsyncd")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.itunesstored")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coremedia")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.coreaudio")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.avfoundation")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.mobileipod")
+ (extension "com.apple.tcc.kTCCServicePhotos"))
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (preference-domain "com.apple.corevideo")
+ (extension "com.apple.tcc.kTCCServicePhotos")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.twitterd")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.tencentweibo.xpc")
+ (preference-domain "com.apple.twitter.xpc")
+ (preference-domain "com.apple.facebook.xpc")
+ (preference-domain "com.apple.vimeo.xpc")
+ (preference-domain "com.apple.weibo.xpc")
+ (preference-domain "com.apple.flickr.xpc"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/social-services.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/social-services.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/social-services.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/softwareupdated.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/softwareupdated.sb
new file mode 100644
index 00000000..b90ab2d4
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/softwareupdated.sb
@@ -0,0 +1,222 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/UpdateMetrics")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileSoftwareUpdate.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (literal-prefix "${HOME}/MobileSoftwareUpdate/restore.log")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/MobileSoftwareUpdate")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/MobileSoftwareUpdate"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/MobileSoftwareUpdate/restore.log")
+ (subpath "/private/var/db/UpdateMetrics")
+ (literal-prefix "${HOME}/Library/Logs/CrashReporter/OTAUpdate-")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/MobileSoftwareUpdate"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-set-properties
+ (iokit-property "IONVRAM-DELETE-PROPERTY"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.MobileSoftwareUpdate")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
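Review bot: The `require-all` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)` in `file-read*`, and again in `file-write*`, can never match as written, because a vnode has a single type. This reference file therefore appears to pin lossy reverser output rather than the real policy. A dropped negation is the likely cause: `file-write-data` here keeps `(require-not (literal "/dev/random"))` and `(require-not (literal "/dev/urandom"))`, while the same rule in streaming_zip_conduit.sb lists both as positive literals inside one `require-all`, which is equally unsatisfiable, and that file's `file-read*` repeats the vnode-type pair. If the compiled profile does negate these filters, the expected lines would be `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, and the references should be regenerated once the reverser emits them. Until then, treat these clauses as unverified against sandbox.kext when using the profiles to judge what the sandbox permits.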
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/softwareupdated.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/softwareupdated.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/softwareupdated.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/streaming_zip_conduit.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/streaming_zip_conduit.sb
new file mode 100644
index 00000000..3a4aa8cf
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/streaming_zip_conduit.sb
@@ -0,0 +1,367 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.StreamingUnzipService")
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Bundle")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.StreamingUnzipService.plist")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/usr/libexec")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (literal "/usr/libexec/streaming_zip_conduit")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-data
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Media")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (literal "/dev/random")
+ (literal "/dev/urandom")
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type SYMLINK)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (subpath-prefix "${HOME}/Media"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Media")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.mobile.installd")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.lsd.modifydb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.lsd.xpc")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.springboard.blockableservices")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.lockdown.host_watcher")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/streaming_zip_conduit.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/streaming_zip_conduit.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/streaming_zip_conduit.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/studentd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/studentd.sb
new file mode 100644
index 00000000..a266fa61
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/studentd.sb
@@ -0,0 +1,501 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath-prefix "${HOME}/Library/studentd")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-shm")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.Accessibility.plist")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.avfoundation.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobileipod.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.studentd.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.carrier.plist")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-wal")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.corevideo.plist")
+ (literal "/dev/ptmx")
+ (regex #"^/System/Library/Carrier Bundles/[.]png$" #"^/System/Library/Carrier Bundles/.+[.]png$")
+ (subpath "/System/Library")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coreaudio.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.itunesstored.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-journal")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (regex #"^/System/Library/Carrier Bundles//carrier[.]plist$" #"^/System/Library/Carrier Bundles/.+/carrier[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.locationd.plist")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal-prefix "${HOME}/Library/Safari")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.GEO.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Carrier Bundles/Overlay")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.coremedia.plist")
+ (literal "/dev/random")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mediaremote.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (regex #"^/private/var/containers/Bundle/[^/]+/[-0-9A-Z]+/Classroom.app")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles//carrier[.]plist$" #"^/private/var/mobile/Library/Carrier Bundles/.+/carrier[.]plist$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*/carrier[.]plist$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Carrier Bundles/[.]png$" #"^/private/var/mobile/Library/Carrier Bundles/.+[.]png$" #"^/private/var/euser[0-9]+/Library/Carrier Bundles/.*[.]png$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (subpath-prefix "${HOME}/Library/Carrier Bundles")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/studentd")
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db-journal")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.studentd.plist")
+ (subpath "/private/var/tmp")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal-prefix "${HOME}/Library/Safari/Bookmarks.db")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.audio.AudioSession")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.UIKit.statusbarserver")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.coremedia.capturesource")
+ (global-name "com.apple.coremedia.asset")
+ (global-name "com.apple.nesessionmanager")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.server.bluetooth.le.att.xpc")
+ (global-name "com.apple.fig.movie")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.accessibility.AXSpringBoardServer")
+ (global-name "com.apple.springboard.icongeneration")
+ (global-name "com.apple.managedconfiguration.profiled")
+ (global-name "com.apple.SystemConfiguration.helper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.powerlog.plxpclogger.xpc")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.GSSCred")
+ (global-name "com.apple.springboard.services")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cookied")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.accessibility.AXBackBoardServer")
+ (global-name "com.apple.coremedia.admin")
+ (global-name "com.apple.commcenter.cupolicy.xpc")
+ (global-name "com.apple.cfnetwork.cfnetworkagent")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.locationd.registration")
+ (global-name "com.apple.coremedia.capturesession")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.symptomsd")
+ (global-name "com.apple.nehelper")
+ (global-name "com.apple.itunesstored.xpc")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.SystemConfiguration.DNSConfiguration")
+ (global-name "com.apple.usernotification.notificationregistrar")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.coremedia.sandboxserver")
+ (global-name "com.apple.SystemConfiguration.NetworkInformation")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.itunescloudd.xpc")
+ (global-name "com.apple.locationd.synchronous")
+ (global-name "com.apple.networkd")
+ (global-name "com.apple.mobile.keybagd.UserManager.xpc")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.mediaremoted.xpc")
+ (global-name "com.apple.wirelessproxd")
+ (global-name "com.apple.coremedia.assetimagegenerator")
+ (global-name "com.apple.coremedia.videocompositor")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.nsurlsessiond")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.coremedia.endpoint.xpc")
+ (global-name "com.apple.usymptomsd")
+ (global-name "com.apple.usernotification.notificationscheduler")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.logind.client.machService")
+ (global-name "com.apple.lsd.icons")
+ (global-name "com.apple.pegasus")
+ (global-name "com.apple.mediaserverd")
+ (global-name "com.apple.frontboard.systemappservices")
+ (global-name "com.apple.coremedia.recorder")
+ (global-name "com.apple.pluginkit.pkd")
+ (global-name "com.apple.mobile.keybagd.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.locationd.spi")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.nsurlstorage-cache")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.trustd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.coremedia.remaker")
+ (global-name "com.apple.xpcd")
+ (require-all
+ (global-name "com.apple.ak.auth.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.ak.anisette.xpc")
+ (require-any
+ (require-entitlement "com.apple.authkit.client")
+ (require-entitlement "com.apple.authkit.client.private")
+ (require-entitlement "com.apple.authkit.client.internal")
+ (require-entitlement "platform-application")))
+ (require-all
+ (global-name "com.apple.networkd_privileged")
+ (require-entitlement "com.apple.networkd_privileged"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.mobileipod")
+ (preference-domain "com.apple.mediaremote")
+ (preference-domain "com.apple.locationd")
+ (preference-domain "com.apple.avfoundation")
+ (preference-domain "com.apple.GEO")
+ (preference-domain "com.apple.studentd")
+ (preference-domain "com.apple.coreaudio")
+ (preference-domain "com.apple.itunesstored")
+ (preference-domain "com.apple.carrier")
+ (preference-domain "com.apple.coremedia")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.Accessibility")
+ (preference-domain "com.apple.corevideo")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.studentd"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
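Review bot: The `require-all` in `file-read*` that wraps the `/private/etc/hosts` … `interactionC.db-wal` group lists both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)`, which no single vnode can satisfy. The last `require-all` of `file-write*` has the same pair. As written, neither rule can ever match, so this reference most likely records a decompilation artifact (perhaps a dropped `require-not` or `require-any`) rather than the policy the kext enforces. Pinning it as expected output means a later fix to the reverser will show up as a test failure, and anyone reading the file as the real studentd policy will be misled. I would record that next to the fixture, for example `; golden reverse-sandbox output, not a verified profile: the BLOCK-DEVICE + CHARACTER-DEVICE require-all is a known artifact`, or in the test directory's README if the comparison is byte-exact.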
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/studentd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/studentd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/studentd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/suggestd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/suggestd.sb
new file mode 100644
index 00000000..b1fe9903
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/suggestd.sb
@@ -0,0 +1,310 @@
+(version 1)
+(deny default)
+(allow file-map-executable)
+(allow file-read*
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.MobileAsset.plist")
+ (subpath "/System/Library")
+ (subpath-prefix "${HOME}/Library/Suggestions")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreSuggestions.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath-prefix "${HOME}/Library/CallHistoryDB")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.suggestions.plist")
+ (literal-prefix "${HOME}/Library/SyncedPreferences/com.apple.CoreSuggestions.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.mobilecal.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.message.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal "/dev/dtracehelper")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreSuggestions.MobileAssets.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (subpath "/private/var/MobileAsset")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/Library/Assets")
+ (extension "com.apple.assets.read"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Suggestions")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.suggestions.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (subpath-prefix "${HOME}/Library/Calendar")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreSuggestions.plist")
+ (subpath "/private/var/tmp")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.mobileassetd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.syncdefaultsd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.rtcreportingd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.securityd")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.CallHistorySyncHelper")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.commcenter.xpc")
+ (global-name "com.apple.reversetemplated")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.calaccessd")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.corerecents.recentsd")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.suggestions")
+ (preference-domain "com.apple.CoreSuggestions.MobileAssets")
+ (preference-domain "com.apple.message")
+ (preference-domain "com.apple.MobileAsset")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.CoreSuggestions")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.mobilecal")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow user-preference-write
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (preference-domain "com.apple.CoreSuggestions")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.suggestions"))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
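Review bot: In the `file-read*` rule, the `require-all` that opens with `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` can never match, since a vnode cannot be both types, so as written the nested `require-any` over `/private/etc/hosts`, `/private/etc/passwd` and the CoreDuet paths grants nothing. The syncdefaultsd.sb reference added in the same commit writes the same construct as `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, which suggests the negation was lost here during reversal; the `file-write*` rule in this file carries the same unnegated pair. Because this file is a test reference, it would pin that output as correct, and anyone auditing the daemon's file access from it would misread what is allowed. Please confirm against the compiled profile and, if the negation is indeed missing, regenerate the reference or mark it as a known reverser limitation.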
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/suggestd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/suggestd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/suggestd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syncdefaultsd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syncdefaultsd.sb
new file mode 100644
index 00000000..a67682eb
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syncdefaultsd.sb
@@ -0,0 +1,416 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal-prefix "${HOME}/Library/Caches")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.accountsd.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (subpath "/private/var/db/timezone")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.persistentconnection.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (subpath-prefix "${HOME}/Library/Preferences")
+ (subpath-prefix "${HOME}/Library/SyncedPreferences")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebFoundation.plist")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.appleaccount.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (subpath "/private/var/Managed Preferences/mobile")
+ (literal "/dev/null")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]syncdefaultsd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]syncdefaultsd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]syncdefaultsd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles$" #"^/private/var/mobile/Library/ConfigurationProfiles/" #"^/private/var/mobile/Library/UserConfigurationProfiles$" #"^/private/var/mobile/Library/UserConfigurationProfiles/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-not (literal-prefix "${HOME}/Library/"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")
+ (vnode-type SYMLINK)
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (subpath-prefix "${HOME}/Library/Cookies")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/Managed Preferences/mobile")
+ (subpath-prefix "${HOME}/Library/SyncedPreferences")
+ (subpath-prefix "${HOME}/Library/Preferences")
+ (literal-prefix "${HOME}/Library/Caches/.com.apple.persistentconnection.settings.lock.lock")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${HOME}/Library/Caches/com.apple.persistentconnection.intervalcache.plist.lock")
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Logs/PersistentConnection/com[.]apple[.]syncdefaultsd" #"^/private/var/mobile/Library/Logs/CrashReporter/PersistentConnection/com[.]apple[.]syncdefaultsd" #"^/private/var/euser[0-9]+/Library/Logs/(CrashReporter/)?PersistentConnection/com[.]apple[.]syncdefaultsd")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]syncdefaultsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/SyncedPreferences$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (require-any
+ (require-all
+ (vnode-type DIRECTORY)
+ (require-any
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/PersistentConnection")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Logs/CrashReporter/PersistentConnection")))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")))))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open)
+(allow iokit-set-properties)
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.appleaccount")
+ (preference-domain "com.apple.persistentconnection")
+ (preference-domain "com.apple.accountsd")
+ (preference-domain "com.apple.WebFoundation")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow signal)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syncdefaultsd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syncdefaultsd.sb.xml
new file mode 100644
index 00000000..ce5746c0
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syncdefaultsd.sb.xml
@@ -0,0 +1,44 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syslog_relay.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syslog_relay.sb
new file mode 100644
index 00000000..43a1e55b
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syslog_relay.sb
@@ -0,0 +1,135 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (file-mode #o0001)))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-priv-task-port)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
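Review bot: The `require-all` near the end of the `file-read*` rule pairs `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)`, which no single vnode can satisfy, so as written the alternatives beneath it (`/private/etc/hosts`, `/private/etc/passwd`, the CoreDuet paths) can never be granted. This looks like a negation lost during reversing rather than real policy, since transitd.sb in this commit wraps the same pair in `require-not`. The same block appears in test-common.sb and in the `file-write*` rule of the profile that precedes syncdefaultsd.sb.xml. These files appear to serve as expected output, so I would record that they are regression snapshots and not verified policy, for example with a line in the test documentation such as `rev_profiles/*.sb: snapshot of current reverser output; known issue: contradictory vnode-type pairs under require-all`.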
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syslog_relay.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syslog_relay.sb.xml
new file mode 100644
index 00000000..c45fc8bc
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/syslog_relay.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/test-common.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/test-common.sb
new file mode 100644
index 00000000..da7dd712
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/test-common.sb
@@ -0,0 +1,131 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/Developer")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/test-common.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/test-common.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/test-common.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/transitd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/transitd.sb
new file mode 100644
index 00000000..8560e1ca
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/transitd.sb
@@ -0,0 +1,83 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (require-not (regex #"^/private/var/containers/Data/System/[^/]+/"))
+ (subpath "/private/var/spool/mdt")
+ (literal-prefix "${HOME}/Library/Application Support")
+ (subpath-prefix "${HOME}/Library/Application Support/Containers")
+ (subpath-prefix "${HOME}/Library/Inboxes")
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))
+ (require-entitlement "com.apple.security.system-group-containers")
+ (require-not (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+ (require-all
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-not (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal"))
+ (require-not (require-entitlement "com.apple.coreduetd.people"))))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (subpath-prefix "${HOME}/Downloads")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
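Review bot: In the `file-write*` rule, `(require-not (regex #"^/private/var/containers/Data/System/[^/]+/"))` sits as a top-level alternative, so read literally it allows writes to every path outside the system data containers and makes the `subpath`/`literal-prefix` entries after it redundant. The closing `require-all` of four `require-not` filters is similarly broad. The other profiles in this commit list the same regex un-negated, so this is presumably a reverser artefact rather than transitd's actual write surface, and anyone using this reference to judge what transitd may write would be misled. I would regenerate it once negation handling is confirmed, or mark it as a known-bad snapshot, e.g. `; known issue: require-not placement in file-write* not verified against the compiled profile`, if the test comparison tolerates comments.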
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/transitd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/transitd.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/transitd.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfs_helper.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfs_helper.sb
new file mode 100644
index 00000000..1d900151
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfs_helper.sb
@@ -0,0 +1,344 @@
+(version 1)
+(deny default)
+(allow file-ioctl
+ (regex #"^/dev/disk[0-9]+" #"^/dev/rdisk[0-9]+")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0"))
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/dev/disk[0-9]+" #"^/dev/rdisk[0-9]+")
+ (literal "/private/etc/master.passwd")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfs_helper$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (regex #"^/dev/disk[0-9]+" #"^/dev/rdisk[0-9]+")
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfs_helper.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfs_helper.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfs_helper.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfsd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfsd.sb
new file mode 100644
index 00000000..73c6b662
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfsd.sb
@@ -0,0 +1,386 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (literal "/dev/urandom")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/random")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches")
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (vnode-type DIRECTORY)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (regex #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/mobile/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd/" #"^/private/var/euser[0-9]+/Library/Caches/com[.]apple[.]nsurlsessiond/Downloads/com[.]apple[.]userfsd$")
+ (subpath-prefix "${HOME}")))
+(allow file-write-create
+ (require-all
+ (vnode-type DIRECTORY)
+ (literal-prefix "${HOME}/Library/Caches"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.filesystems.userfs_helper")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-exec*
+ (literal "/System/Library/Filesystems/exfat.fs/Contents/Resources/fsck_exfat")
+ (literal "/System/Library/Filesystems/msdos.fs/Contents/Resources/fsck_msdos"))
+(allow process-fork)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
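Review bot: The `require-all` groups in `file-read*` and `file-write*` that list both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` cannot match as written. A vnode has a single type, and the paths they guard (`/private/etc/hosts`, `/`, the CoreDuet `interactionC.db*` files) are not device nodes. This looks like a negation lost during decompilation, presumably `(require-not (vnode-type BLOCK-DEVICE))`; the same file does emit `require-not` under `file-write-data`. Committing it as a reference pins that suspect output as the expected result, and anyone reading the profile to judge what userfsd may access would be misled. The userfs_helper.sb reference above has the same shape. I would record next to the fixtures that they are regression snapshots of current tool output rather than verified policy, and list this construct as a known deviation.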
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfsd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfsd.sb.xml
new file mode 100644
index 00000000..78d52661
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/userfsd.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vibrationmanagerd.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vibrationmanagerd.sb
new file mode 100644
index 00000000..badad35e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vibrationmanagerd.sb
@@ -0,0 +1,276 @@
+(version 1)
+(deny default)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/System/Library")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.public.notbackedup.plist")
+ (literal "/dev/random")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.icloud.findmydeviced.postwipe.plist")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal "/dev/aes_0")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AOSNotification.public.notbackedup.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (subpath-prefix "${HOME}/Media/Vibrations")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/private/var/tmp")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.CoreDuet.plist")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.DataMigration.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.AppSupport.plist")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var")
+ (literal-prefix "${HOME}/Media")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${HOME}/Media/com.apple.itunes.lock_sync")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.PeoplePicker.plist")
+ (subpath "/private/var/tmp")
+ (subpath-prefix "${HOME}/Media/Vibrations")
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences/com.apple.mobilephone.speeddial.plist")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (subpath-prefix "${HOME}/Library/AddressBook")
+ (extension "com.apple.tcc.kTCCServiceAddressBook"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (literal-prefix "${HOME}/Media")
+ (literal-prefix "${HOME}/Media/Vibrations")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.telephonyutilities.callservicesdaemon.callcapabilities")
+ (global-name "com.apple.ABDatabaseDoctor")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.accountsd.accountmanager")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.identityservicesd.idquery.embedded.auth")
+ (global-name "com.apple.spotlight.IndexAgent")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (global-name "com.apple.cmfsyncagent.embedded.auth")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.AppSupport")
+ (preference-domain "com.apple.PeoplePicker")
+ (preference-domain "com.apple.CoreDuet")
+ (preference-domain "com.apple.icloud.findmydeviced.postwipe")
+ (preference-domain "com.apple.DataMigration")
+ (preference-domain "com.apple.icloud.findmydeviced.public.notbackedup")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.AOSNotification.public.notbackedup")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
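Review bot: The `file-read*` rule in this reference has a `require-all` that combines `(vnode-type BLOCK-DEVICE)` with `(vnode-type CHARACTER-DEVICE)`, which no single vnode can satisfy, so the `/private/etc/*` and CoreDuet filters nested under it could never match as written; the `file-write*` rule repeats the pattern just before its `interactionC.db-journal` filter. The corresponding rule in vpn-plugins.sb, added by the same commit, reads `(require-not (vnode-type BLOCK-DEVICE))` and `(require-not (vnode-type CHARACTER-DEVICE))`, which suggests the negation was lost when this profile was reversed rather than being absent from the compiled profile. Because this file is a test reference, keeping it as-is makes the regression test assert the lossy output and gives anyone auditing the reversed profile a wrong picture of what the sandbox permits. I would check the two rules against the compiled profile and regenerate the reference once the negation is emitted, or record the known discrepancy next to the test.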
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vibrationmanagerd.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vibrationmanagerd.sb.xml
new file mode 100644
index 00000000..c9d99090
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vibrationmanagerd.sb.xml
@@ -0,0 +1,39 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vpn-plugins.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vpn-plugins.sb
new file mode 100644
index 00000000..fd5e6629
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vpn-plugins.sb
@@ -0,0 +1,417 @@
+(version 1)
+(deny default)
+(allow file-issue-extension
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.executable"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.executable")
+ (extension-class "com.apple.nsurlsessiond.readonly"))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.sharing.airdrop.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (require-any
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (extension-class "com.apple.nsurlstorage.extension-cache")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Library/Caches$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.nsurlsessiond.readonly")
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read")
+ (subpath "/System/Library"))
+ (require-all
+ (extension-class "com.apple.mediaserverd.read-write")
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}")))
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/urandom")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (literal "/dev/dtracehelper")
+ (extension "com.apple.app-sandbox.read-write")
+ (literal "/dev/zero")
+ (literal "/private/var/preferences/com.apple.security.plist")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (subpath "/System/Library")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (literal "/private/var/preferences/com.apple.NetworkStatistics.plist")
+ (literal "/private/var/preferences/com.apple.networkd.plist")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (extension "com.apple.app-sandbox.read")
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/StoreKit$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesArtwork$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (require-not (vnode-type BLOCK-DEVICE))
+ (require-not (vnode-type CHARACTER-DEVICE))
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (require-not (subpath-prefix "${FRONT_USER_HOME}/Library/ExternalAccessory"))
+ (require-not (subpath "/private/var/logs"))
+ (require-not (regex #"^/private/var/mobile/Library" #"^/private/var/euser[0-9]+/Library"))
+ (require-not (subpath "/private/var/tmp"))
+ (require-not (regex #"^/private/var/mobile/Containers" #"^/private/var/euser[0-9]+/Containers"))
+ (require-not (subpath "/private/var/containers")))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (subpath "/private/var/containers/Bundle/VPNPlugin")
+ (extension "com.apple.vpn-plugin"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal-prefix "${HOME}/Library/Preferences")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal "/private/var/run/syslog")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/iTunesMetadata[.]plist$")
+ (subpath-prefix "${HOME}")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.app-sandbox.read-write")
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/tmp$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Library$" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/((tmp|Library)|Documents)$")
+ (subpath-prefix "${HOME}"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people")))
+(allow file-write-create
+ (require-all
+ (require-not (literal-prefix "${HOME}/Library/Logs/CrashReporter/CFNetwork_"))
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (extension "com.apple.sandbox.container")
+ (regex #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/mobile/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox/" #"^/private/var/euser[0-9]+/Containers/Data/[^/]+/[-0-9A-Z]+/Documents/Inbox$")
+ (subpath-prefix "${HOME}")))
+(allow iokit-get-properties)
+(allow ipc-posix-sem)
+(allow ipc-posix-shm*)
+(allow ipc-posix-shm-read*)
+(allow ipc-posix-shm-read-data)
+(allow ipc-posix-shm-read-metadata)
+(allow ipc-posix-shm-write*)
+(allow ipc-posix-shm-write-create)
+(allow ipc-posix-shm-write-data)
+(allow ipc-posix-shm-write-unlink)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup)
+(allow mach-register
+ (global-name-regex #"^com[.]f5[.]f5_sslvpn_plugin")
+ (require-all
+ (extension "com.apple.security.exception.mach-register.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (extension "com.apple.security.exception.mach-register.global-name")
+ (global-name-regex #".+")))
+(allow network*)
+(allow network-inbound)
+(allow network-bind)
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vpn-plugins.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vpn-plugins.sb.xml
new file mode 100644
index 00000000..e1b6e67c
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/vpn-plugins.sb.xml
@@ -0,0 +1,53 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/webinspectord.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/webinspectord.sb
new file mode 100644
index 00000000..63868925
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/webinspectord.sb
@@ -0,0 +1,251 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (subpath "/private/var/containers/Bundle")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.webinspectord.plist")
+ (subpath "/Applications")
+ (literal "/usr/libexec")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (literal "/dev/dtracehelper")
+ (literal "/dev/zero")
+ (subpath "/usr/share")
+ (literal "/dev/random")
+ (literal "/private/var/tmp/webinspectord.log")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.WebInspector.plist")
+ (subpath "/System")
+ (subpath "/private/var/db/timezone")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/dev/urandom")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/dev/ptmx")
+ (subpath "/Developer")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (literal "/dev/aes_0")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$"))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (debug-mode)
+ (require-any
+ (subpath "/AppleInternal/Applications")
+ (subpath "/private/var/mobile/XcodeBuiltProducts")))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$"))))
+(allow file-read-metadata
+ (literal-prefix "${HOME}/Library/Caches/powerlog.launchd")
+ (literal-prefix "${HOME}")
+ (literal "/private/var/run/syslog")
+ (vnode-type DIRECTORY)
+ (vnode-type SYMLINK)
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (literal-prefix "${HOME}")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive"))
+ (require-all
+ (literal-prefix "${HOME}/Library/Preferences")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/tmp/webinspectord.log")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.assertiond.applicationstateconnection")
+ (global-name "PurpleSystemEventPort")
+ (global-name "com.apple.springboard.backgroundappservices")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow user-preference-read
+ (extension "com.apple.security.exception.shared-preference.read-write")
+ (extension "com.apple.security.exception.shared-preference.read-only")
+ (preference-domain "com.apple.WebInspector")
+ (preference-domain "kCFPreferencesAnyApplication")
+ (preference-domain "com.apple.webinspectord")
+ (require-all
+ (preference-domain "com.apple.bulletinboard")
+ (require-entitlement "com.apple.bulletinboard.dataprovider")))
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
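Review bot: The `require-all` groups under `file-read*` and `file-write*` that list both `(vnode-type BLOCK-DEVICE)` and `(vnode-type CHARACTER-DEVICE)` cannot match any vnode as written, so the filters nested under them (the `/private/etc/*` literals and the CoreDuet paths) read as dead rules in this reference. This looks like a reversal artefact, possibly a dropped negation or a flattened `require-any`, rather than the real policy. The same shape appears in the wifiFirmwareLoader.sb reference. `compare_directories` in tests/test.py compares files byte-for-byte, so if it is pointed at these references the test pins the artefact as expected output. I would say so next to that comparison, e.g. `# references/ is a snapshot of current reverser output, not a verified-correct policy`, and track the vnode-type grouping as a known issue so these files are not used to audit what a daemon may access.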
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/webinspectord.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/webinspectord.sb.xml
new file mode 100644
index 00000000..defba171
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/webinspectord.sb.xml
@@ -0,0 +1,40 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/wifiFirmwareLoader.sb b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/wifiFirmwareLoader.sb
new file mode 100644
index 00000000..90586afc
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/wifiFirmwareLoader.sb
@@ -0,0 +1,217 @@
+(version 1)
+(deny default)
+(allow file-link)
+(allow file-map-executable)
+(allow file-read*
+ (literal "/dev/random")
+ (subpath "/AppleInternal")
+ (literal "/dev/urandom")
+ (literal "/dev/ptmx")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (subpath "/System/Library")
+ (literal "/dev/aes_0")
+ (literal "/dev/dtracehelper")
+ (regex #"^/private/var/containers/Data/System/[^/]+/" #"^/private/var/containers/Data/System/[^/]+$")
+ (extension "com.apple.sandbox.executable")
+ (literal "/private/var/logs/wifiFirmwareLoader.log")
+ (extension "com.apple.security.exception.files.home-relative-path.read-only")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/.GlobalPreferences.plist")
+ (subpath "/Developer")
+ (literal "/dev/null")
+ (literal "/private/var/Managed Preferences/mobile/.GlobalPreferences.plist")
+ (literal "/dev/zero")
+ (subpath "/usr/lib")
+ (literal-prefix "${FRONT_USER_HOME}/Library/Caches/com.apple.MobileGestalt.plist")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.icloud.findmydevice.managed/Library")
+ (subpath "/usr/share")
+ (subpath "/private/var/containers/Shared/SystemGroup/systemgroup.com.apple.configurationprofiles/Library/ConfigurationProfiles/PublicInfo")
+ (subpath "/private/var/db/timezone")
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.absolute-path.read-only")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/preferences/SystemConfiguration/com.apple.wifi.plist")
+ (require-all
+ (subpath-prefix "${HOME}/XcodeBuiltProducts")
+ (debug-mode))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (regex #"^/private/var/Managed Preferences/mobile/com[.]apple[.].+[.]plist$")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (require-any
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/group")
+ (literal "/private/etc/passwd")
+ (literal "/")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-wal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-shm")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container"))
+ (require-all
+ (literal-prefix "${FRONT_USER_HOME}/Library/Preferences/com.apple.bulletinboard.plist")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/" #"^/private/var/containers/Shared/SystemGroup/[^/]+$")))
+ (require-all
+ (regex #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/ConfigurationProfiles/PublicInfo/" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo$" #"^/private/var/mobile/Library/UserConfigurationProfiles/PublicInfo/" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo$" #"^/private/var/euser[0-9]+/Library/(User)?ConfigurationProfiles/PublicInfo/")
+ (subpath-prefix "${FRONT_USER_HOME}"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-read-metadata)
+(allow file-write*
+ (extension "com.apple.security.exception.files.absolute-path.read-write")
+ (extension "com.apple.security.exception.files.home-relative-path.read-write")
+ (literal "/private/var/logs/wifiFirmwareLoader.log")
+ (regex #"^/private/var/containers/Data/System/[^/]+/")
+ (require-all
+ (vnode-type BLOCK-DEVICE)
+ (vnode-type CHARACTER-DEVICE)
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db-journal")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (extension "com.apple.sandbox.system-group")
+ (require-any
+ (require-entitlement "com.apple.security.system-group-containers")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")
+ (require-entitlement "com.apple.security.system-groups")
+ (regex #"^/private/var/containers/Shared/SystemGroup/[^/]+/")))
+ (require-all
+ (extension "com.apple.sandbox.system-container")
+ (require-entitlement "com.apple.security.system-container")))
+(allow file-write-create
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send")))
+(allow file-write-data
+ (literal "/dev/ptmx")
+ (literal "/dev/aes_0")
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.send"))
+ (require-all
+ (require-not (literal "/dev/random"))
+ (require-not (literal "/dev/urandom"))
+ (require-any
+ (literal "/dev/dtracehelper")
+ (literal "/dev/null")
+ (literal "/dev/zero")
+ (require-all
+ (literal-prefix "${HOME}/Library/CoreDuet/People/interactionC.db")
+ (require-entitlement "com.apple.coreduetd.people"))))
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty"))
+ (require-all
+ (vnode-type TTY)
+ (regex #"^/dev/ttyp[0-9a-f]$" #"^/dev/ptyp[0-9a-f]$")))
+(allow file-write-mode
+ (require-all
+ (regex #"^/dev/ttys[0-9]" #"^/dev/ttys[0-9]+")
+ (extension "com.apple.sandbox.pty")))
+(allow file-write-unlink
+ (require-all
+ (vnode-type REGULAR-FILE)
+ (extension "com.apple.private.safe-move.receive")))
+(allow iokit-open
+ (extension "com.apple.security.exception.iokit-user-client-class")
+ (iokit-user-client-class "AppleBCMWLANUserClient"))
+(allow iokit-get-properties)
+(allow mach-bootstrap)
+(allow mach-cross-domain-lookup)
+(allow mach-lookup
+ (global-name "com.apple.ReportCrash.SimulateCrash")
+ (global-name "com.apple.hangtracerd")
+ (global-name "com.apple.lsd.open")
+ (global-name "com.apple.cfprefsd.daemon")
+ (global-name "com.apple.diagnosticd")
+ (global-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.lsd")
+ (global-name "com.apple.lsd.advertisingidentifiers")
+ (global-name "com.apple.tccd")
+ (global-name "com.apple.distributed_notifications@1v3")
+ (global-name "com.apple.coreservices.lsuseractivitymanager.xpc")
+ (global-name "com.apple.ctkd.token-client")
+ (global-name "com.apple.system.logger")
+ (global-name "com.apple.corecaptured")
+ (global-name "com.apple.system.notification_center")
+ (global-name "com.apple.lsd.mapdb")
+ (global-name "com.apple.xpcd")
+ (global-name "com.apple.CoreAuthentication.daemon.libxpc")
+ (global-name "com.apple.assertiond.processassertionconnection")
+ (global-name "com.apple.duetknowledged.activity")
+ (global-name "com.apple.lsd.openurl")
+ (global-name "com.apple.managedconfiguration.profiled.public")
+ (global-name "com.apple.containermanagerd")
+ (global-name "com.apple.mobilegestalt.xpc")
+ (global-name "com.apple.appsupport.cplogd")
+ (global-name "com.apple.aggregated")
+ (local-name "com.apple.cfprefsd.agent")
+ (global-name "com.apple.system.libinfo.muser")
+ (global-name "com.apple.lsd.icons")
+ (require-all
+ (global-name "com.apple.coreduetd.people")
+ (require-entitlement "com.apple.coreduetd.people"))
+ (require-all
+ (global-name "com.apple.itunesstored.xpc")
+ (require-entitlement "com.apple.itunesstored.private"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.local-name")
+ (local-name-regex #".+"))
+ (require-all
+ (global-name "com.apple.bulletinboard.dataproviderconnection")
+ (require-entitlement "com.apple.bulletinboard.dataprovider"))
+ (require-all
+ (extension "com.apple.security.exception.mach-lookup.global-name")
+ (global-name-regex #".+")))
+(allow nvram*)
+(allow nvram-delete)
+(allow nvram-get)
+(allow nvram-set)
+(allow process-info*)
+(allow process-info-listpids)
+(allow process-info-pidinfo)
+(allow process-info-pidfdinfo)
+(allow process-info-pidfileportinfo)
+(allow process-info-setcontrol)
+(allow process-info-dirtycontrol)
+(allow process-info-rusage)
+(allow pseudo-tty)
+(allow sysctl-read)
+(allow system-privilege)
diff --git a/tests/iPhone5__1_9.3_13E237/references/rev_profiles/wifiFirmwareLoader.sb.xml b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/wifiFirmwareLoader.sb.xml
new file mode 100644
index 00000000..e8f17749
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/rev_profiles/wifiFirmwareLoader.sb.xml
@@ -0,0 +1,41 @@
+
+
+
+
+
+
+
+
+
+]>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/tests/iPhone5__1_9.3_13E237/references/sandbox_bundle b/tests/iPhone5__1_9.3_13E237/references/sandbox_bundle
new file mode 100644
index 00000000..61b67720
Binary files /dev/null and b/tests/iPhone5__1_9.3_13E237/references/sandbox_bundle differ
diff --git a/tests/iPhone5__1_9.3_13E237/references/sandbox_profiles.txt b/tests/iPhone5__1_9.3_13E237/references/sandbox_profiles.txt
new file mode 100644
index 00000000..22a0812e
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/sandbox_profiles.txt
@@ -0,0 +1,121 @@
+AGXCompilerService
+AdSheet
+AirTraffic
+BTServer
+BlueTool
+CFNetworkAgent
+CVMServer
+CommCenter
+DataActivation
+EscrowSecurityAlert
+IDSCredentialsAgent
+IDSRemoteURLConnectionAgent
+IMDPersistenceAgent
+IMRemoteURLConnectionAgent
+IMTranscoderAgent
+Lowtide
+MTLCompilerService
+MailCompositionService
+MobileBackup
+MobileCal
+MobileMaps
+MobileSlideShow
+PasteBoard
+SafariSafeBrowsing
+ScreenshotService
+StreamingUnzipService
+WebSheet
+accessoryd
+afcd
+appconduitd
+apsd
+assertiond
+cloudphotod
+com.apple.AssetCacheLocatorService
+com.apple.GSSCred
+com.apple.WebKit.Databases
+com.apple.WebKit.Networking
+com.apple.WebKit.WebContent
+com.apple.assistant.assistantd
+com.apple.bird
+com.apple.cloudd
+com.apple.datadetectors.AddToRecentsService
+com.apple.homed
+com.apple.nehelper
+com.apple.nesessionmanager
+com.apple.quicklook.QLThumbnailsService
+com.apple.rtcreportingd
+com.apple.sandboxd
+com.apple.siri.ClientFlow.ClientScripter
+com.apple.snhelper
+com.apple.tccd
+com.apple.tzlinkd
+com.apple.ubd
+container
+containermanagerd
+coresymbolicationd
+cplogd
+dataaccessd
+debugserver
+deleted
+duetexpertd
+findmydeviced
+fmfd
+ftp-proxy-embedded
+gamed
+geocorrectiond
+geod
+gizmoappd
+gputoolsd
+healthd
+iapd
+identityservicesd
+itunesstored
+keyboard
+librariand
+limitadtrackingd
+lockdownd
+lsuseractivityd
+mDNSResponder
+mediaanalysisd
+mediaserverd
+mobile-house-arrest
+mobileassetd
+nanomaild
+nanomapscd
+nanomapsgd
+navd
+network-filter
+nfcd
+nlcd
+nointernet
+nsurlsessiond
+nsurlstoraged
+online-auth-agent
+passd
+pfd
+printd
+ptpd
+quicklookd
+racoon
+replayd
+reversetemplated
+revisiond
+routined
+seld
+sharingd
+social-services
+softwareupdated
+streaming_zip_conduit
+studentd
+suggestd
+syncdefaultsd
+syslog_relay
+test-common
+transitd
+userfs_helper
+userfsd
+vibrationmanagerd
+vpn-plugins
+webinspectord
+wifiFirmwareLoader
diff --git a/tests/iPhone5__1_9.3_13E237/references/sb_ops b/tests/iPhone5__1_9.3_13E237/references/sb_ops
new file mode 100644
index 00000000..053e56d8
--- /dev/null
+++ b/tests/iPhone5__1_9.3_13E237/references/sb_ops
@@ -0,0 +1,125 @@
+default
+appleevent-send
+authorization-right-obtain
+device*
+device-camera
+device-microphone
+distributed-notification-post
+file*
+file-chroot
+file-ioctl
+file-issue-extension
+file-link
+file-map-executable
+file-mknod
+file-mount
+file-mount-update
+file-read*
+file-read-data
+file-read-metadata
+file-read-xattr
+file-revoke
+file-search
+file-unmount
+file-write*
+file-write-create
+file-write-data
+file-write-flags
+file-write-mode
+file-write-owner
+file-write-setugid
+file-write-times
+file-write-unlink
+file-write-xattr
+generic-issue-extension
+qtn-user
+qtn-download
+qtn-sandbox
+hid-control
+iokit*
+iokit-issue-extension
+iokit-open
+iokit-set-properties
+iokit-get-properties
+ipc*
+ipc-posix*
+ipc-posix-issue-extension
+ipc-posix-sem
+ipc-posix-shm*
+ipc-posix-shm-read*
+ipc-posix-shm-read-data
+ipc-posix-shm-read-metadata
+ipc-posix-shm-write*
+ipc-posix-shm-write-create
+ipc-posix-shm-write-data
+ipc-posix-shm-write-unlink
+ipc-sysv*
+ipc-sysv-msg
+ipc-sysv-sem
+ipc-sysv-shm
+job-creation
+load-unsigned-code
+lsopen
+mach*
+mach-bootstrap
+mach-cross-domain-lookup
+mach-host*
+mach-host-exception-port-set
+mach-host-special-port-set
+mach-issue-extension
+mach-lookup
+mach-per-user-lookup
+mach-priv*
+mach-priv-host-port
+mach-priv-task-port
+mach-register
+mach-task-name
+network*
+network-inbound
+network-bind
+network-outbound
+nvram*
+nvram-delete
+nvram-get
+nvram-set
+user-preference*
+user-preference-read
+user-preference-write
+process*
+process-exec*
+process-exec-interpreter
+process-fork
+process-info*
+process-info-listpids
+process-info-pidinfo
+process-info-pidfdinfo
+process-info-pidfileportinfo
+process-info-setcontrol
+process-info-dirtycontrol
+process-info-rusage
+pseudo-tty
+signal
+sysctl*
+sysctl-read
+sysctl-write
+system*
+system-acct
+system-audit
+system-chud
+system-debug
+system-fsctl
+system-info
+system-kext*
+system-kext-load
+system-kext-unload
+system-kext-query
+system-mac-label
+system-nfssvc
+system-privilege
+system-reboot
+system-sched
+system-set-time
+system-socket
+system-suspend-resume
+system-swap
+system-write-bootstrap
diff --git a/tests/test.py b/tests/test.py
new file mode 100755
index 00000000..98ddf25c
--- /dev/null
+++ b/tests/test.py
@@ -0,0 +1,118 @@
+#!/usr/bin/env python3
+
+from datetime import datetime
+import pathlib
+import os
+import subprocess
+
+DIRNAME = os.path.dirname(os.path.abspath(__file__))
+MAINDIR = os.path.dirname(DIRNAME)
+
+def compare_directories(actual:pathlib.Path, expected: pathlib.Path):
+ actual_files = sorted(f.relative_to(actual) for f in actual.rglob("*") if f.is_file())
+ expected_files = sorted(f.relative_to(expected) for f in expected.rglob("*") if f.is_file())
+
+ assert actual_files == expected_files, "Mismatch in file names/structure"
+
+ for rel_path in actual_files:
+ actual_content = (actual / rel_path).read_bytes()
+ expected_content = (expected / rel_path).read_bytes()
+ assert actual_content == expected_content, f"Mismatch in file: {rel_path}"
+
+
+def build_image():
+ name = f'sandblaster-{datetime.now().strftime("%d_%m_%Y__%H_%M")}'
+
+ subprocess.run([
+ "docker", "build", "-t", name, MAINDIR
+ ])
+
+ return name
+
+def start_run(container_name):
+ run_name = f"run_{container_name}"
+
+ subprocess.run([
+ "docker", "run",
+ "-v", os.path.join(DIRNAME, "iPhone5__1_9.3_13E237") + ":" + "/test",
+ "--rm", "-dit", "--name", run_name, container_name
+ ])
+
+ return run_name
+
+def stop_run(container_name, run_name):
+ subprocess.run([
+ "docker", "stop", run_name
+ ])
+
+
+def test_iphone5_13E237(run_name, update_refs = False):
+ print(f'Running extract_sandbox_data on firmware 9.3...')
+
+ subprocess.run([
+ "docker", "exec", run_name,
+ "rm", "-rf", "/test/outputs/*"
+ ])
+
+ subprocess.run([ #"echo",
+ "docker", "exec", run_name,
+ "/sandblaster/helpers/extract_sandbox_data.py", "-o", "/test/outputs/sb_ops", "/test/inputs/sandbox.kext", "9.3"
+ ])
+
+ subprocess.run([ #"echo",
+ "docker", "exec", run_name,
+ "/sandblaster/helpers/extract_sandbox_data.py", "-O", "/test/outputs", "/test/inputs/sandbox.kext", "9.3"
+ ])
+
+ subprocess.run([ #"echo",
+ "docker", "exec", run_name,
+ "mkdir", "/test/outputs/rev_profiles"
+ ])
+
+ subprocess.run([# "echo",
+ "docker", "exec", run_name,
+ "sh", "-c", "cd /sandblaster/reverse-sandbox/ && python2.7 reverse_sandbox.py -r 9.3 -o /test/outputs/sb_ops -d /test/outputs/rev_profiles/ /test/outputs/sandbox_bundle -psb > /test/outputs/sandbox_profiles.txt"
+ ])
+
+ subprocess.run([ #"echo",
+ "docker", "exec", run_name,
+ "sh", "-c", "cd /sandblaster/reverse-sandbox/ && python2.7 reverse_sandbox.py -r 9.3 -o /test/outputs/sb_ops -d /test/outputs/rev_profiles/ /test/outputs/sandbox_bundle"
+ ])
+
+ if update_refs:
+ subprocess.run([
+ "docker", "exec", run_name,
+ "rm", "-rf", "/test/references"
+ ])
+
+ subprocess.run([
+ "docker", "exec", run_name,
+ "cp", "-r", "/test/outputs", "/test/references"
+ ])
+
+ return
+
+ print(f'Comparing results...')
+
+ output_dir = pathlib.Path(DIRNAME, "iPhone5__1_9.3_13E237", "outputs")
+ reference_dir = pathlib.Path(DIRNAME, "iPhone5__1_9.3_13E237", "references")
+
+ try:
+ compare_directories(output_dir, reference_dir)
+
+ print("[PASS] iPhone5_13E237 :)")
+ except AssertionError as err:
+ print(f"[FAIL] iPhone5_13E237 - {err}")
+
+
+def main():
+ container_name = build_image()
+
+ run_name = start_run(container_name)
+
+ test_iphone5_13E237(run_name, True)
+
+ stop_run(container_name, run_name)
+
+
+main()
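Review bot: This harness cannot detect a regression as written, because `main()` calls `test_iphone5_13E237(run_name, True)`: every run deletes `/test/references`, copies the fresh outputs over it and returns before `compare_directories` is reached. The normal path should be `test_iphone5_13E237(run_name)`, with reference updates behind an explicit opt-in such as a command-line flag. The cleanup step is also a no-op, since `"rm", "-rf", "/test/outputs/*"` is exec'd without a shell and the `*` stays literal; `"sh", "-c", "rm -rf /test/outputs/*"` would expand it, and until then stale files from an earlier run can stand in for output that a failed step never produced. None of the `subprocess.run` calls pass `check=True`, so a failed `docker build` or `docker exec` is silently ignored. The `[FAIL]` branch only prints, so the script exits 0 either way; re-raising there or exiting non-zero would let CI see the failure.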