Index: utils/ofhash/OFHash.m
==================================================================
--- utils/ofhash/OFHash.m
+++ utils/ofhash/OFHash.m
@@ -18,20 +18,21 @@
 #include "config.h"
 #import "OFApplication.h"
 #import "OFArray.h"
 #import "OFFile.h"
+#import "OFLocale.h"
 #import "OFMD5Hash.h"
 #import "OFRIPEMD160Hash.h"
 #import "OFSHA1Hash.h"
 #import "OFSHA224Hash.h"
 #import "OFSHA256Hash.h"
 #import "OFSHA384Hash.h"
 #import "OFSHA512Hash.h"
-#import "OFStdIOStream.h"
-#import "OFLocale.h"
 #import "OFSandbox.h"
+#import "OFSecureData.h"
+#import "OFStdIOStream.h"
 #import "OFOpenItemFailedException.h"
 #import "OFReadFailedException.h"
 @interface OFHash: OFObject
@@ -78,15 +79,38 @@
 id hash;
 bool first = true;
 int exitStatus = 0;
 #ifdef OF_HAVE_SANDBOX
- OFSandbox *sandbox = [[OFSandbox alloc] init];
+ OFSandbox *sandbox;
+
+ /*
+ * SHA-512 is the largest hash supported, so no matter which hash will
+ * be used in the end, this is enough secure memory.
+ */
+ [OFSecureData preallocateMemoryWithSize:
+ class_getInstanceSize([OFSHA512Hash class])];
+
+ sandbox = [[OFSandbox alloc] init];
 @try {
 [sandbox setAllowsStdIO: true];
 [sandbox setAllowsReadingFiles: true];
 [sandbox setAllowsUserDatabaseReading: true];
+
+ for (OFString *path in arguments) {
+ if (first) {
+ first = false;
+ continue;
+ }
+
+ [sandbox unveilPath: path
+ permissions: @"r"];
+ }
+ first = true;
+
+ [sandbox unveilPath: @LANGUAGE_DIR
+ permissions: @"r"];
 [OFApplication activateSandbox: sandbox];
 } @finally {
 [sandbox release];
 }
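Review bot: The secure-memory preallocation in the second hunk is sized from `class_getInstanceSize([OFSHA512Hash class])` on the strength of the comment alone, so a hash class added later with a larger instance would under-allocate without any signal, presumably at a point where the sandbox no longer allows more memory to be locked. I would extend the comment with `Update this if a hash larger than OFSHA512Hash is added.`, or size the preallocation from the class actually selected if the algorithm argument can be resolved before this point (that code is outside the hunk). In the unveil loop, skipping the algorithm name through the shared `first` flag and restoring it with `first = true;` inside the `#ifdef OF_HAVE_SANDBOX` block is easy to break; a flag local to the loop would keep the later use of `first` independent of the sandbox path. Every remaining argument is unveiled as a filesystem path, so if the tool accepts a non-path operand such as `-` for standard input (not visible here), that operand is worth skipping before `unveilPath:permissions:`. The enclosing method starts and ends outside this hunk.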