Changeset 194660 in webkit


Timestamp:
Jan 6, 2016 1:15:35 PM (8 years ago)
Author:
dbates@webkit.org
Message:

Use code signed identifier as part of user directory suffix
https://bugs.webkit.org/show_bug.cgi?id=152310
<rdar://problem/13352225>

Reviewed by Brent Fulgham.

  • Shared/mac/ChildProcessMac.mm:

(WebKit::findSecCodeForProcess): Added.
(WebKit::ChildProcess::initializeSandbox): Modified to use an identifier
from the code signature of the app/tool as part of the user directory suffix.

Location:
trunk/Source/WebKit2
Files:
2 edited

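--- a/trunk/Source/WebKit2/ChangeLog
+++ b/trunk/Source/WebKit2/ChangeLog
@@ -1,2 +1,15 @@
+2016-01-06  Daniel Bates  <dabates@apple.com>
+
+        Use code signed identifier as part of user directory suffix
+        https://bugs.webkit.org/show_bug.cgi?id=152310
+        <rdar://problem/13352225>
+
+        Reviewed by Brent Fulgham.
+
+        * Shared/mac/ChildProcessMac.mm:
+        (WebKit::findSecCodeForProcess): Added.
+        (WebKit::ChildProcess::initializeSandbox): Modified to use an identifier
+        from the code signature of the app/tool as part of the user directory suffix.
+
 2016-01-06  Brian Burg  <bburg@apple.com>
 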
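--- a/trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm
+++ b/trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm
@@ -1,4 +1,4 @@
 /*
- * Copyright (C) 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2012, 2015 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -39,4 +39,5 @@
 #import <stdlib.h>
 #import <sysexits.h>
+#import <wtf/cf/TypeCastsCF.h>
 #import <wtf/spi/darwin/SandboxSPI.h>
 
@@ -78,4 +79,16 @@
     initializeTimerCoalescingPolicy();
     [[NSFileManager defaultManager] changeCurrentDirectoryPath:[[NSBundle mainBundle] bundlePath]];
+}
+
+static RetainPtr<SecCodeRef> findSecCodeForProcess(pid_t pid)
+{
+    RetainPtr<CFNumberRef> pidCFNumber = adoptCF(CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &pid));
+    const void* keys[] = { kSecGuestAttributePid };
+    const void* values[] = { pidCFNumber.get() };
+    RetainPtr<CFDictionaryRef> attributes = adoptCF(CFDictionaryCreate(kCFAllocatorDefault, keys, values, WTF_ARRAY_LENGTH(keys), &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
+    SecCodeRef code = nullptr;
+    if (SecCodeCopyGuestWithAttributes(nullptr, attributes.get(), kSecCSDefaultFlags, &code))
+        return nullptr;
+    return adoptCF(code);
 }
 
@@ -90,6 +103,33 @@
             sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]);
         else {
-            String defaultUserDirectorySuffix = makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier);
-            sandboxParameters.setUserDirectorySuffix(defaultUserDirectorySuffix);
+            String clientIdentifierToUse;
+            RetainPtr<SecCodeRef> code = findSecCodeForProcess(xpc_connection_get_pid(parameters.connectionIdentifier.xpcConnection.get()));
+            RELEASE_ASSERT(code);
+
+            CFStringRef appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement = CFSTR("(anchor apple) or (anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13])");
+            SecRequirementRef signingRequirement;
+            OSStatus status = SecRequirementCreateWithString(appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement, kSecCSDefaultFlags, &signingRequirement);
+            RELEASE_ASSERT(status == errSecSuccess);
+
+            status = SecCodeCheckValidity(code.get(), kSecCSDefaultFlags, signingRequirement);
+            if (status == errSecSuccess) {
+                CFDictionaryRef signingInfo = nullptr;
+                if (!SecCodeCopySigningInformation(code.get(), kSecCSDefaultFlags, &signingInfo)) {
+                    if (CFDictionaryRef plist = dynamic_cf_cast<CFDictionaryRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoPList)))
+                        clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(plist, kCFBundleIdentifierKey)));
+                    else
+                        clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoIdentifier)));
+                    CFRelease(signingInfo);
+                }
+            } else {
+                // Unsigned, signed by a third party, or has an invalid/malformed signature
+                clientIdentifierToUse = parameters.clientIdentifier;
+            }
+            CFRelease(signingRequirement);
+            if (clientIdentifierToUse.isEmpty()) {
+                WTFLogAlways("%s: Couldn't get code signed identifier for client: %d\n", getprogname(), status);
+                exit(EX_NOPERM);
+            }
+            sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', clientIdentifierToUse));
         }
     }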
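Review bot: The client's code identity is resolved from a pid (`findSecCodeForProcess(xpc_connection_get_pid(...))` with `kSecGuestAttributePid`), and a pid is not a stable handle for the XPC peer. If the pid is recycled between connection setup and the `SecCodeCopyGuestWithAttributes` call, the signature validated in the last hunk may belong to a different process than the one that connected. Where the SDK exposes it, keying the lookup on the connection's audit token (`kSecGuestAttributeAudit`) binds the check to the actual peer; otherwise a comment on `findSecCodeForProcess` should record the assumption. Separately, if the requirement check passes but `SecCodeCopySigningInformation` fails or yields no identifier, `WTFLogAlways` prints a `status` that is still `errSecSuccess`, which hides the real failure; assigning that call's result to `status` before the emptiness check would fix the log. The body of `initializeSandbox` starts and ends outside the hunk.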