Changeset 167603 in webkit
- Timestamp:
- Apr 21, 2014 12:10:33 PM (10 years ago)
- Location:
- trunk/Source/WebKit2
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit2/ChangeLog
r167586 r167603 1 2014-04-21 Anders Carlsson <andersca@apple.com> 2 3 Check the com.apple.security.network.client entitlement for all processes 4 https://bugs.webkit.org/show_bug.cgi?id=131942 5 <rdar://problem/12354188> 6 7 Reviewed by Dan Bernstein. 8 9 * NetworkProcess/EntryPoint/mac/XPCService/NetworkServiceEntryPoint.mm: 10 (WebKit::NetworkServiceInitializerDelegate::NetworkServiceInitializerDelegate): 11 * Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h: 12 * Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.mm: 13 (WebKit::XPCServiceInitializerDelegate::checkEntitlements): 14 1 15 2014-04-20 Dan Bernstein <mitz@apple.com> 2 16 -
trunk/Source/WebKit2/NetworkProcess/EntryPoint/mac/XPCService/NetworkServiceEntryPoint.mm
r167521 r167603 39 39 { 40 40 } 41 42 #if PLATFORM(MAC)43 virtual bool checkEntitlements() override44 {45 if (!isClientSandboxed())46 return true;47 48 if (!hasEntitlement("com.apple.security.network.client")) {49 NSLog(@"Application does not have the 'com.apple.security.network.client' entitlement.");50 return false;51 }52 53 return true;54 }55 #endif56 57 41 }; 58 42 -
trunk/Source/WebKit2/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h
r167521 r167603 43 43 virtual ~XPCServiceInitializerDelegate(); 44 44 45 #if PLATFORM(MAC) 45 46 virtual bool checkEntitlements(); 47 #endif 48 46 49 virtual bool getConnectionIdentifier(IPC::Connection::Identifier& identifier); 47 50 virtual bool getClientIdentifier(String& clientIdentifier); -
trunk/Source/WebKit2/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.mm
r167521 r167603 51 51 } 52 52 53 #if PLATFORM(MAC) 53 54 bool XPCServiceInitializerDelegate::checkEntitlements() 54 55 { 56 if (!isClientSandboxed()) 57 return true; 58 59 // FIXME: Once we're 100% sure that a process can't access the network we can get rid of this requirement for all processes. 60 if (!hasEntitlement("com.apple.security.network.client")) { 61 NSLog(@"Application does not have the 'com.apple.security.network.client' entitlement."); 62 return false; 63 } 64 55 65 return true; 66 #endif 56 67 } 57 68
Note: See TracChangeset
for help on using the changeset viewer.