Changeset 225763 in webkit
- Timestamp:
- Dec 11, 2017 4:39:37 PM (6 years ago)
- Location:
- trunk/Source/WebKit
- Files:
-
- 2 edited
trunk/Source/WebKit/ChangeLog
r225760 r225763 1 2017-12-11 Brent Fulgham <bfulgham@apple.com> 2 3 [iOS] Remove unused services from WebContent Process sandbox 4 https://bugs.webkit.org/show_bug.cgi?id=180670 5 6 Reviewed by Eric Carlson. 7 8 Pare down the set of sandbox exceptions in the iOS WebContent process sandbox to just 9 those services actually in use: 10 1. Remove unused code. 11 2. Instead of defining a 'UIKit-app' function and calling it, just declare the individual sandbox 12 commands inline. This will allow them to be more easily consolidated with other parts of the 13 sandbox in a future step. 14 15 This update should not change behavior. 16 17 * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: 18 1 19 2017-12-11 Chris Dumez <cdumez@apple.com> 2 20 -
trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
r225754 r225763 35 35 ;;; 36 36 37 ;;; 38 ;;; Declare that the process hosts UI provided by another process. 39 ;;; (This could potentially be any application; see <rdar://problem/11034833> and 40 ;;; <rdar://problem/11330224> for details) 41 ;;; 42 (define-once (remote-view-client) 37 ;;; <rdar://problem/29959382> Allow UIKit apps access to com.apple.TextInput.preferences mach service 38 (allow mach-lookup 39 (global-name "com.apple.TextInput.preferences")) 40 41 (allow mach-lookup 42 (xpc-service-name "com.apple.siri.context.service")) 43 44 (allow mach-lookup 45 (global-name "com.apple.frontboard.systemappservices") ; -[UIViewServiceInterface _createProcessAssertion] -> SBSProcessIDForDisplayIdentifier() 46 (global-name-regex #"^com\.apple\.uikit\.viewservice\..+")) 47 48 ;; Any app could use ubiquity. 49 (ubiquity-client) 50 51 ;; Any app can play audio & movies. 52 (play-audio) 53 (play-media) 54 55 (url-translation) 56 57 ;; For <rdar://problem/20812377> All applications need to be able to access the com.apple.UIKit.KeyboardManagement running in backboardd 58 ;; renamed in <rdar://problem/20909914> Rename com.apple.UIKit.KeyboardManagement 59 (allow mach-lookup 60 (global-name "com.apple.UIKit.KeyboardManagement") 61 (global-name "com.apple.UIKit.KeyboardManagement.hosted")) 62 63 ;; For <rdar://problem/23469318> Allow UIKit-based apps to access com.apple.remote-text-editing mach service 64 ;; and <rdar://problem/23579008> REM: Allow UIKit-based apps to access com.apple.remote-input-limiting mach service 65 (when tv? 43 66 (allow mach-lookup 44 (global-name "com.apple.frontboard.systemappservices") ; -[UIViewServiceInterface _createProcessAssertion] -> SBSProcessIDForDisplayIdentifier() 45 (global-name-regex #"^com\.apple\.uikit\.viewservice\..+"))) 46 47 ;;; 48 ;;; Declare that the process serves UI that can be remotely-hosted by another process. 
49 ;;; 50 (define-once (remote-view-service) 51 ;; RemoteViewServices need to lookup their own accessility service in order to send 52 ;; the mach port to the hosting app. 67 (global-name "com.apple.remote-input-limiting") 68 (global-name "com.apple.remote-text-editing") 69 (global-name "com.apple.remote-text-editing-legacy") 70 (global-name "com.apple.sharing.remote-text-editing"))) 71 72 ;; TextInput framework 73 (allow mach-lookup 74 (global-name "com.apple.TextInput") 75 (global-name "com.apple.TextInput.emoji") 76 (global-name "com.apple.TextInput.image-cache-server") 77 (global-name "com.apple.TextInput.lexicon-server") 78 (global-name "com.apple.TextInput.rdt") 79 (global-name "com.apple.TextInput.shortcuts")) 80 (mobile-preferences-read "com.apple.da") 81 82 ;; Various Accessibility services. 83 (allow mach-lookup 84 (xpc-service-name "com.apple.accessibility.AccessibilityUIServer")) 85 86 ;; Guided Access support (<rdar://problem/11683460>). 87 (allow mach-lookup 88 (global-name "com.apple.accessibility.gax.backboard")) 89 (allow mach-register 90 (local-name "com.apple.accessibility.gax.client")) 91 92 ;; AssistiveTouch 93 ;; <rdar://problem/11800071> sandbox error for remote message services when AssistiveTouch is running 94 (allow mach-lookup 95 (global-name "UIASTNotificationCenter")) 96 97 ;; ZoomTouch 98 ;; <rdar://problem/11823957> 99 (allow mach-lookup 100 (global-name "com.apple.accessibility.AXBackBoardServer")) 101 102 ;; Speak Selection & VoiceOver 103 ;; <rdar://problem/12030530> AX: Sandbox violation with changing Language while VO is on 104 ;; and <rdar://problem/13071747> 105 (mobile-preferences-read 106 "com.apple.SpeakSelection" 107 "com.apple.VoiceOverTouch" 108 "com.apple.voiceservices") 109 (allow mach-lookup 110 (global-name "com.apple.audio.AudioComponentPrefs") 111 (global-name "com.apple.audio.AudioComponentRegistrar") 112 (global-name "com.apple.audio.AudioQueueServer") 113 (global-name "com.apple.voiceservices.keepalive") 114 
(global-name "com.apple.voiceservices.tts")) 115 (allow mach-register 116 (local-name "com.apple.iphone.axserver")) 117 ;; <rdar://problem/14555119> Access to high quality speech voices 118 (allow file-read* 119 (home-subpath "/Library/VoiceServices/Assets") 120 (home-subpath "/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")) 121 122 ;; HearingAidSupport 123 (allow mach-lookup 124 (xpc-service-name "com.apple.accessibility.heard")) 125 126 ;; MediaAccessibility (captions) 127 ;; <rdar://problem/12801477> 128 (mobile-preferences-read "com.apple.mediaaccessibility") 129 (allow mach-lookup (global-name "com.apple.accessibility.mediaaccessibilityd")) 130 131 ;; Permit reading assets via MobileAsset framework. 132 (asset-access 'with-media-playback) 133 134 ;; allow 3rd party applications to access nsurlstoraged's top level domain data cache 135 (allow-well-known-system-group-container-literal-read 136 "/systemgroup.com.apple.nsurlstoragedresources/Library/dafsaData.bin") 137 138 ;; AirPlay 139 (allow mach-lookup 140 (global-name "com.apple.airplaydiagnostics.server")) 141 142 ;; Access the keyboards 143 (allow file-read* 144 (home-subpath "/Library/Caches/com.apple.keyboards")) 145 146 ;; NSExtension helper for supplying information not provided by PlugInKit 147 (allow mach-lookup 148 (xpc-service-name "com.apple.uifoundation-bundle-helper")) 149 150 ;; <rdar://problem/19525887> 151 (allow mach-lookup (xpc-service-name-regex #"\.apple-extension-service$")) 152 ;; <rdar://problem/31252371> 153 (allow mach-lookup (xpc-service-name-regex #"\.viewservice$")) 154 155 ;; DataDetectors -> CallKit so user can place calls by tapping on phone numbers. 156 (allow mach-lookup 157 (global-name "com.apple.callkit.callcontrollerhost")) 158 159 ;; DataDetectors; update CoreRecents with recently-detected addresses, etc. 
160 (allow mach-lookup 161 (xpc-service-name "com.apple.datadetectors.AddToRecentsService")) 162 163 ;; <rdar://problem/19460486> 164 (nano-preferences-read ".GlobalPreferences") 165 166 (mobile-preferences-read 167 ; To determine whether the dictation opt-in alert should be suppressed. 168 "com.apple.assistant.backedup" 169 ; Keyboard Dictation reads the list of supported languages from com.apple.assistant.support.plist. 170 ; And Dictation checks whether Assistant is enabled by reading the same plist. 171 ; <rdar://problem/9883999> com.apple.assistant.support preference domain needs to be unsandboxed 172 "com.apple.assistant.support" 173 "com.apple.EmojiPreferences" 174 ; For CarPlay screen aspect ratio (rdar://problem/20062770). 175 "com.apple.iapd" 176 ; <rdar://problem/8477596> com.apple.InputModePreferences 177 "com.apple.InputModePreferences" 178 ; <rdar://problem/8206632> Weather(1038) deny file-read-data ~/Library/Preferences/com.apple.keyboard.plist 179 "com.apple.keyboard" 180 ; <rdar://problem/25130834> Spotlight suggestions in Lookup preference should be readable by any process 181 "com.apple.lookup.shared" 182 ; <rdar://problem/9384085> 183 "com.apple.Preferences") 184 185 ;; <rdar://problem/12985925> Need read access to /var/mobile/Library/Fonts to all apps 186 (allow file-read* 187 (home-subpath "/Library/Fonts")) 188 189 ;; <rdar://problem/23803332>, <rdar://problem/9457549>, <rdar://problem/13237899> 190 (allow mach-lookup 191 (global-name "com.apple.assistant.analytics") 192 (global-name "com.apple.assistant.dictation") 193 (global-name "com.apple.dictationd.recognition")) 194 195 ;; For copy-and-paste. 
196 (allow mach-lookup 197 (global-name "com.apple.UIKit.pasteboardd") 198 (global-name "com.apple.pasteboard.pasted")) 199 200 ;; <rdar://problem/7344719&26323449> LaunchServices app icons 201 (allow file-read* 202 (well-known-system-group-container-subpath "/systemgroup.com.apple.lsd.iconscache")) 203 (allow mach-lookup 204 (xpc-service-name "com.apple.lsdiconservice")) 205 206 ;; Common mach services needed by UIKit. 207 (allow mach-lookup 208 (global-name "com.apple.CARenderServer") 209 (global-name "com.apple.KeyboardServices.TextReplacementService") 210 (global-name "com.apple.UIKit.statusbarserver") 211 (global-name "com.apple.uikit.GestureServer") 212 (global-name "com.apple.assertiond.applicationstateconnection") 213 (global-name "com.apple.assertiond.expiration") 214 (global-name "com.apple.assertiond.processinfoservice") 215 (global-name "com.apple.audio.hapticd") 216 (global-name "com.apple.audio.SystemSoundServer-iOS") 217 (global-name "com.apple.backboard.TouchDeliveryPolicyServer") 218 (global-name "com.apple.backboard.animation-fence-arbiter") 219 (global-name "com.apple.backboard.display.services") 220 (global-name "com.apple.backboard.hid.focus") 221 (global-name "com.apple.backboard.hid.services") 222 (global-name "com.apple.iohideventsystem") 223 (global-name "com.apple.iphone.axserver-systemwide") 224 (global-name "com.apple.frontboard.workspace") 225 (global-name "com.apple.frontboard.systemappservices") 226 (global-name "com.apple.progressd")) 227 228 (pasteboard-client) 229 (springboard-services) 230 231 (when gizmo? 232 (mobile-preferences-read "com.apple.nano") 53 233 (allow mach-lookup 54 (local-name "com.apple.iphone.axserver")) 55 ;; RemoteViewServices need to lookup the bundle identifier of the application hosting 56 ;; their views (see <rdar://problem/11780984>). 57 (allow mach-lookup 58 (global-name "com.apple.springboard.backgroundappservices"))) 59 60 (define (uikit-app . 
rest) 61 ;;; <rdar://problem/29959382> Allow UIKit apps access to com.apple.TextInput.preferences mach service 62 (allow mach-lookup 63 (global-name "com.apple.TextInput.preferences")) 64 65 (allow mach-lookup 66 (xpc-service-name "com.apple.siri.context.service")) 67 68 ;; Any UI could be remote-hosted. 69 (remote-view-client) 70 71 ;; Any app could use ubiquity. 72 (ubiquity-client) 73 74 ;; Any app can play audio & movies. 75 (play-audio) 76 (play-media) 77 78 ;; Any app can use ProgressKit 79 (progresskit-client) 80 81 (url-translation) 82 83 ;; For <rdar://problem/20812377> All applications need to be able to access the com.apple.UIKit.KeyboardManagement running in backboardd 84 ;; renamed in <rdar://problem/20909914> Rename com.apple.UIKit.KeyboardManagement 85 (allow mach-lookup 86 (global-name "com.apple.UIKit.KeyboardManagement") 87 (global-name "com.apple.UIKit.KeyboardManagement.hosted")) 88 89 ;; For <rdar://problem/23469318> Allow UIKit-based apps to access com.apple.remote-text-editing mach service 90 ;; and <rdar://problem/23579008> REM: Allow UIKit-based apps to access com.apple.remote-input-limiting mach service 91 (when tv? 
92 (allow mach-lookup 93 (global-name "com.apple.remote-input-limiting") 94 (global-name "com.apple.remote-text-editing") 95 (global-name "com.apple.remote-text-editing-legacy") 96 (global-name "com.apple.sharing.remote-text-editing"))) 97 98 ;; For ApplicationScripting 99 ;; <rdar://problem/12778546> ASProcessScriptEvent fails to obtain port for event return 100 (allow mach-lookup 101 (global-name "ScripterServer")) 102 103 ;; TextInput framework 104 (allow mach-lookup 105 (global-name "com.apple.TextInput") 106 (global-name "com.apple.TextInput.emoji") 107 (global-name "com.apple.TextInput.image-cache-server") 108 (global-name "com.apple.TextInput.lexicon-server") 109 (global-name "com.apple.TextInput.rdt") 110 (global-name "com.apple.TextInput.shortcuts")) 111 (mobile-preferences-read "com.apple.da") 112 113 ;; Various Accessibility services. 114 (allow mach-lookup 115 (xpc-service-name "com.apple.accessibility.AccessibilityUIServer")) 116 117 ;; Guided Access support (<rdar://problem/11683460>). 
118 (allow mach-lookup 119 (global-name "com.apple.accessibility.gax.backboard")) 120 (allow mach-register 121 (local-name "com.apple.accessibility.gax.client")) 122 123 ;; AssistiveTouch 124 ;; <rdar://problem/11800071> sandbox error for remote message services when AssistiveTouch is running 125 (allow mach-lookup 126 (global-name "UIASTNotificationCenter")) 127 128 ;; ZoomTouch 129 ;; <rdar://problem/11823957> 130 (allow mach-lookup 131 (global-name "com.apple.accessibility.AXBackBoardServer")) 132 133 ;; Speak Selection & VoiceOver 134 ;; <rdar://problem/12030530> AX: Sandbox violation with changing Language while VO is on 135 ;; and <rdar://problem/13071747> 136 (mobile-preferences-read 137 "com.apple.SpeakSelection" 138 "com.apple.VoiceOverTouch" 139 "com.apple.voiceservices") 140 (allow mach-lookup 141 (global-name "com.apple.audio.AudioComponentPrefs") 142 (global-name "com.apple.audio.AudioComponentRegistrar") 143 (global-name "com.apple.audio.AudioQueueServer") 144 (global-name "com.apple.voiceservices.keepalive") 145 (global-name "com.apple.voiceservices.tts")) 146 (allow mach-register 147 (local-name "com.apple.iphone.axserver")) 148 ;; <rdar://problem/14555119> Access to high quality speech voices 149 (allow file-read* 150 (home-subpath "/Library/VoiceServices/Assets") 151 (home-subpath "/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")) 152 153 ;; HearingAidSupport 154 (allow mach-lookup 155 (xpc-service-name "com.apple.accessibility.heard")) 156 157 ;; MediaAccessibility (captions) 158 ;; <rdar://problem/12801477> 159 (mobile-preferences-read "com.apple.mediaaccessibility") 160 (allow mach-lookup (global-name "com.apple.accessibility.mediaaccessibilityd")) 161 162 ;; MobileAssistantFramework's AFContextManager 163 ;; <rdar://problem/13742083> & <rdar://problem/13717391> & <rdar://problem/13811297> 164 (allow mach-register mach-lookup 165 (local-name-regex #"^com\.apple\.assistant\.contextprovider\.")) 166 167 ;; Permit reading assets 
via MobileAsset framework. 168 (asset-access 'with-media-playback) 169 170 ;; Permit access to on-demand resources. 171 (allow mach-lookup 172 (global-name "com.apple.ondemandd.client")) 173 (with-filter 174 (require-all 175 (require-any 176 (home-subpath "/Library/OnDemandResources/AssetPacks") 177 (well-known-system-group-container-subpath "/systemgroup.com.apple.ondemandresources/Library/AssetPacks")) 178 (extension "com.apple.odr-assets")) 179 (allow file-read*) 180 (allow file-issue-extension 181 (extension-class "com.apple.app-sandbox.read" "com.apple.mediaserverd.read"))) 182 183 ;; allow 3rd party applications to access nsurlstoraged's top level domain data cache 184 (allow-well-known-system-group-container-literal-read 185 "/systemgroup.com.apple.nsurlstoragedresources/Library/dafsaData.bin") 186 187 ;; allow replayd to extend read access to its data 188 (allow file-read* 189 (require-all 190 (extension "com.apple.replayd.read-only") 191 (home-subpath "/Library/ReplayKit"))) 192 193 ;; AirPlay 194 (allow mach-lookup 195 (global-name "com.apple.airplaydiagnostics.server")) 196 197 ;; Access the keyboards 198 (allow file-read* 199 (home-subpath "/Library/Caches/com.apple.keyboards")) 200 201 ;; NSExtension helper for supplying information not provided by PlugInKit 202 (allow mach-lookup 203 (xpc-service-name "com.apple.uifoundation-bundle-helper")) 204 205 ;; <rdar://problem/19525887> 206 (allow mach-lookup (xpc-service-name-regex #"\.apple-extension-service$")) 207 ;; <rdar://problem/31252371> 208 (allow mach-lookup (xpc-service-name-regex #"\.viewservice$")) 209 210 ;; DataDetectors -> CallKit so user can place calls by tapping on phone numbers. 211 (allow mach-lookup 212 (global-name "com.apple.callkit.callcontrollerhost")) 213 214 ;; DataDetectors; update CoreRecents with recently-detected addresses, etc. 
215 (allow mach-lookup 216 (xpc-service-name "com.apple.datadetectors.AddToRecentsService")) 217 218 ;; Accessoryd 219 (allow mach-lookup 220 (global-name "com.apple.accessories.externalaccessory-server")) 221 222 ;; Power logging 223 (allow mach-lookup 224 (global-name "com.apple.powerlog.plxpclogger.xpc")) 225 226 ;; <rdar://problem/19460486> 227 (nano-preferences-read ".GlobalPreferences") 228 229 (mobile-preferences-read 230 ; To determine whether the dictation opt-in alert should be suppressed. 231 "com.apple.assistant.backedup" 232 ; Keyboard Dictation reads the list of supported languages from com.apple.assistant.support.plist. 233 ; And Dictation checks whether Assistant is enabled by reading the same plist. 234 ; <rdar://problem/9883999> com.apple.assistant.support preference domain needs to be unsandboxed 235 "com.apple.assistant.support" 236 "com.apple.EmojiPreferences" 237 ; For CarPlay screen aspect ratio (rdar://problem/20062770). 238 "com.apple.iapd" 239 ; <rdar://problem/8477596> com.apple.InputModePreferences 240 "com.apple.InputModePreferences" 241 ; <rdar://problem/8206632> Weather(1038) deny file-read-data ~/Library/Preferences/com.apple.keyboard.plist 242 "com.apple.keyboard" 243 ; <rdar://problem/25130834> Spotlight suggestions in Lookup preference should be readable by any process 244 "com.apple.lookup.shared" 245 ; <rdar://problem/9384085> 246 "com.apple.Preferences") 247 248 ;; <rdar://problem/12985925> Need read access to /var/mobile/Library/Fonts to all apps 249 (allow file-read* 250 (home-subpath "/Library/Fonts")) 251 252 ;; <rdar://problem/23803332>, <rdar://problem/9457549>, <rdar://problem/13237899> 253 (allow mach-lookup 254 (global-name "com.apple.assistant.analytics") 255 (global-name "com.apple.assistant.dictation") 256 (global-name "com.apple.dictationd.recognition")) 257 258 ;; For copy-and-paste. 
259 (allow mach-lookup 260 (global-name "com.apple.UIKit.pasteboardd") 261 (global-name "com.apple.pasteboard.pasted")) 262 263 ;; <rdar://problem/9749387> 264 (allow file-read* 265 (literal "/private/var/preferences/SystemConfiguration/com.apple.accounts.exists.plist")) 266 267 ;; For Social.framework 268 ;; <rdar://problem/13239172> 269 (allow file-read* 270 (literal "/private/var/preferences/SystemConfiguration/com.apple.sinaweibo.plist") 271 (literal "/private/var/preferences/SystemConfiguration/com.apple.twitter.plist") 272 (literal "/private/var/preferences/SystemConfiguration/com.apple.facebook.plist") 273 (literal "/private/var/preferences/SystemConfiguration/com.apple.linkedin.plist")) 274 275 ;; <rdar://problem/7344719&26323449> LaunchServices app icons 276 (allow file-read* 277 (well-known-system-group-container-subpath "/systemgroup.com.apple.lsd.iconscache")) 278 (allow mach-lookup 279 (xpc-service-name "com.apple.lsdiconservice")) 280 281 ;; <rdar://problem/14184130> SpringBoard needs read/write to statusbar cache folder - all apps need read 282 (allow file-read* 283 (home-subpath "/Library/Caches/com.apple.UIStatusBar")) 284 285 ;; <rdar://problem/22346174> Allow read-only access from the container profile to ~/Library/TVWallpaper 286 (when tv? 287 (allow file-read* 288 (home-subpath "/Library/TVWallpaper"))) 289 290 ;; Common mach services needed by UIKit. 
291 (allow mach-lookup 292 (global-name "com.apple.CARenderServer") 293 (global-name "com.apple.KeyboardServices.TextReplacementService") 294 (global-name "com.apple.UIKit.statusbarserver") 295 (global-name "com.apple.uikit.GestureServer") 296 (global-name "com.apple.assertiond.applicationstateconnection") 297 (global-name "com.apple.assertiond.expiration") 298 (global-name "com.apple.assertiond.processinfoservice") 299 (global-name "com.apple.audio.hapticd") 300 (global-name "com.apple.audio.SystemSoundServer-iOS") 301 (global-name "com.apple.backboard.TouchDeliveryPolicyServer") 302 (global-name "com.apple.backboard.animation-fence-arbiter") 303 (global-name "com.apple.backboard.display.services") 304 (global-name "com.apple.backboard.hid.focus") 305 (global-name "com.apple.backboard.hid.services") 306 (global-name "com.apple.iohideventsystem") 307 (global-name "com.apple.iphone.axserver-systemwide") 308 (global-name "com.apple.frontboard.workspace") 309 (global-name "com.apple.frontboard.systemappservices") 310 (global-name "com.apple.progressd")) 311 312 (pasteboard-client) 313 (springboard-services) 314 315 (when gizmo? 
316 (mobile-preferences-read "com.apple.nano") 317 (allow mach-lookup 318 (global-name "com.apple.appaudiod") 319 (global-name "com.apple.Carousel.ButtonTapAssertion") 320 (global-name "com.apple.Carousel.CSLSBackgroundTaskRequestService") 321 (global-name "com.apple.Carousel.CSLSDockStatusService") 322 (global-name "com.apple.Carousel.activatingUIAssertion") 323 (global-name "com.apple.Carousel.alertSuppression") 324 (global-name "com.apple.Carousel.appOnWake") 325 (global-name "com.apple.Carousel.suspendSystemGestureAssertion") 326 (global-name "com.apple.carousel.backlightxpc") 327 (global-name "com.apple.carousel.brightnesscalculator") 328 (global-name "com.apple.carousel.connectionstatusservice") 329 (global-name "com.apple.Carousel.contextuallock") 330 (global-name "com.apple.carousel.fetchschedulingservice") 331 (global-name "com.apple.carousel.snapshotservice") 332 (global-name "com.apple.carousel.uiscalingservice") 333 (global-name "com.apple.carousel.unblankingsynchronization") 334 (global-name "com.apple.pepperuicore.statusbaritemserver"))) 335 336 ;; AirDrop from the activity sheet. 
337 ;; <rdar://problem/12715391>, <rdar://problem/12847034>, <rdar://problem/16400661> 338 (allow mach-lookup 339 (global-name "com.apple.sharingd") 340 (global-name "com.apple.sharingd.nsxpc") 341 (with report) 342 (with message "This rule is being removed in rdar://15713112 -- please report this violation to Sandbox_profiles | all")) 343 (allow-preferences-common) 344 (allow user-preference-read 345 (preference-domain "com.apple.Sharing") 346 (with report) 347 (with message "This rule is being removed in rdar://15713112 -- please report this violation to Sandbox_profiles | all")) 348 349 ;; <rdar://problem/30874167> Create a new CacheDelete mach service to allow for public API for purgeable space requests 350 (allow mach-lookup 351 (global-name "com.apple.cache_delete.public")) 352 353 ;; MIDI 354 (allow ipc-posix-shm-read* ipc-posix-shm-write-data 355 (ipc-posix-name-regex #"^Apple MIDI (in|out) [0-9]+$")) 356 357 ;; CoreMotion 358 (mobile-preferences-read "com.apple.CoreMotion") 359 360 ;; CoreMotion’s deviceMotion API 361 (with-filter 362 (require-any 363 (iokit-registry-entry-class "AppleOscarNub") 364 (iokit-registry-entry-class "AppleSPUHIDInterface")) 365 (allow iokit-get-properties 366 (iokit-property "gyro-interrupt-calibration"))) 367 (with-filter (iokit-registry-entry-class "IOHIDEventServiceFastPathUserClient") 368 (allow iokit-open) 369 (allow iokit-get-properties iokit-set-properties 370 (iokit-property "interval" 371 "mode" 372 "QueueSize" 373 "useMag")) 234 (global-name "com.apple.appaudiod") 235 (global-name "com.apple.Carousel.ButtonTapAssertion") 236 (global-name "com.apple.Carousel.CSLSBackgroundTaskRequestService") 237 (global-name "com.apple.Carousel.CSLSDockStatusService") 238 (global-name "com.apple.Carousel.activatingUIAssertion") 239 (global-name "com.apple.Carousel.alertSuppression") 240 (global-name "com.apple.Carousel.appOnWake") 241 (global-name "com.apple.Carousel.suspendSystemGestureAssertion") 242 (global-name 
"com.apple.carousel.backlightxpc") 243 (global-name "com.apple.carousel.brightnesscalculator") 244 (global-name "com.apple.carousel.connectionstatusservice") 245 (global-name "com.apple.Carousel.contextuallock") 246 (global-name "com.apple.carousel.fetchschedulingservice") 247 (global-name "com.apple.carousel.snapshotservice") 248 (global-name "com.apple.carousel.uiscalingservice") 249 (global-name "com.apple.carousel.unblankingsynchronization") 250 (global-name "com.apple.pepperuicore.statusbaritemserver"))) 251 252 ;; AirDrop from the activity sheet. 253 ;; <rdar://problem/12715391>, <rdar://problem/12847034>, <rdar://problem/16400661> 254 (allow mach-lookup 255 (global-name "com.apple.sharingd") 256 (global-name "com.apple.sharingd.nsxpc") 257 (with report) 258 (with message "This rule is being removed in rdar://15713112 -- please report this violation to Sandbox_profiles | all")) 259 (allow-preferences-common) 260 (allow user-preference-read 261 (preference-domain "com.apple.Sharing") 262 (with report) 263 (with message "This rule is being removed in rdar://15713112 -- please report this violation to Sandbox_profiles | all")) 264 265 ;; CoreMotion 266 (mobile-preferences-read "com.apple.CoreMotion") 267 268 ;; CoreMotion’s deviceMotion API 269 (with-filter 270 (require-any 271 (iokit-registry-entry-class "AppleOscarNub") 272 (iokit-registry-entry-class "AppleSPUHIDInterface")) 374 273 (allow iokit-get-properties 375 (iokit-property "client"))) 376 377 ;; Common preferences read by UIKit. 378 (mobile-preferences-read "com.apple.Accessibility" 379 "com.apple.UIKit" 380 "com.apple.WebUI" 381 "com.apple.airplay" 382 "com.apple.avkit" 383 "com.apple.coreanimation" 384 "com.apple.mt" 385 "com.apple.preferences.sounds" 386 "com.apple.telephonyutilities.dialassist") 387 388 ;; Silence sandbox violations from apps trying to create the empty plist if it doesn't exist. 
389 ;; <rdar://problem/13796537> 390 (deny file-write-create 391 (home-prefix "/Library/Preferences/com.apple.UIKit.plist") 392 (with no-report)) 393 394 ;; <rdar://problem/10809394> 395 (deny file-write-create 396 (home-prefix "/Library/Preferences/com.apple.Accessibility.plist") 397 (with no-report)) 398 399 ;; <rdar://problem/9404009> 400 (mobile-preferences-read "kCFPreferencesAnyApplication") 401 402 ;; <rdar://problem/10266866> 403 (marco-logging-client) 404 405 ;; <rdar://problem/12250145> 406 (mobile-preferences-read "com.apple.mediaaccessibility") 407 408 ; Dictionary Services used by UITextFields. 409 ; <rdar://problem/9386926> 410 (allow-create-directory 411 (home-literal "/Library/Caches/com.apple.DictionaryServices")) 412 413 ; <rdar://problem/11204655> 414 (mobile-preferences-read "com.apple.MapKit.internal") 415 416 ;; Required to detect whether Airplane mode is enabled. 417 (allow file-read* 418 (literal "/private/var/preferences/SystemConfiguration/com.apple.radios.plist")) 419 420 (when (memq 'with-printing rest) 421 (allow file-read-metadata network-outbound 422 (literal "/private/var/run/printd")) 423 (allow mach-lookup 424 (xpc-service-name "com.apple.PrintKit.PrinterTool"))) 425 426 ; <rdar://problem/9007191> , <rdar://problem/9244785> 427 (when (memq 'with-gamekit-data rest) 428 (allow file-read* 429 (home-regex "/Library/GameKit/Data/[^/]+\.gcdata$")) 430 (allow file-read-metadata 431 (home-literal "/Library/GameKit/Data"))) 432 433 ; rfc3484 -- from common.sb 434 (unless (memq 'without-network rest) 435 (allow-network-common)) 436 437 ; <rdar://problem/8548856> Sub-TLF: Sandbox change for apps for read-only access to the dictionary directory/data 438 (allow file-read* 439 ; XXX - /Library ought to be allowed in all UI profiles but isn't (CF, MobileSafari) 440 (subpath "/Library/Dictionaries") 441 (home-subpath "/Library/Dictionaries")) 442 443 ; <rdar://problem/8440231> 444 (allow file-read* 445 (home-literal 
"/Library/Caches/DateFormats.plist")) 446 ; Silently deny writes when CFData attempts to write to the cache directory. 447 (deny file-write* 448 (home-literal "/Library/Caches/DateFormats.plist") 449 (with no-log)) 450 451 ; UIKit-required IOKit nodes. 452 (allow iokit-open 453 (iokit-user-client-class "AppleJPEGDriverUserClient") 454 (iokit-user-client-class "IOSurfaceAcceleratorClient") 455 (iokit-user-client-class "IOSurfaceSendRight") 456 ;; Requires by UIView -> UITextMagnifierRenderer -> UIWindow 457 (iokit-user-client-class "IOSurfaceRootUserClient")) 458 459 ;; <rdar://problem/12675621> 460 (allow iokit-open 461 (iokit-user-client-class "IOHIDLibUserClient")) 462 463 (framebuffer-access) 464 465 ;; <rdar://problem/7822790> 466 (mobile-keybag-access) 467 468 ; <rdar://problem/7595408> , <rdar://problem/7643881> 469 (if (memq 'with-opengl rest) 470 (opengl)) 471 472 (if (memq 'with-geoservices rest) 473 (geoservices)) 474 475 (if (memq 'with-location-services rest) 476 (location-services)) 477 478 ; <rdar://problem/8181749> Allow access to iTunes database files in container.sb 479 (if (memq 'with-itunes-db rest) 480 (itunes-db-read)) 481 482 (if (memq 'with-push-notifications rest) 483 (push-notifications)) 484 485 (if (memq 'with-in-app-purchases rest) 486 (in-app-purchases)) 487 488 ; CRCopyRestrictionsDictionary periodically tries to CFPreferencesAppSynchronize com.apple.springboard.plist 489 ; which will attempt to create the plist if it doesn't exist -- from any application. Only SpringBoard is 490 ; allowed to write its plist; ignore all others, they don't know what they are doing. 491 ; See <rdar://problem/9375027> for sample backtraces. 
492 (deny file-write* 493 (home-prefix "/Library/Preferences/com.apple.springboard.plist") 494 (with no-log)) 495 496 ;; For <rdar://problem/29428318> Allow DragUI mach service lookups for all UIKit apps 497 (allow mach-lookup 498 (global-name "com.apple.DragUI.druid.destination") 499 (global-name "com.apple.DragUI.druid.source")) 500 501 ;; <rdar://problem/30544378> Allow global lookup of com.apple.contactsd 502 (allow mach-lookup 503 (global-name "com.apple.contactsd")) 504 505 ;; <rdar://problem/31571441> need AX Drag-and-drop mach services added to default sandbox profile 506 (allow mach-lookup 507 (global-name "com.apple.VoiceOverTouch.drag.xpc") 508 (global-name "com.apple.assistivetouchd.drag.xpc")) 509 510 ;; <rdar://problem/34092690> 511 (allow mach-lookup 512 (xpc-service-name "com.apple.avkit.SharedPreferences")) 513 514 ;; <rdar://problem/34437589> 515 (allow mach-lookup 516 (global-name "com.apple.ap.adtrackingd.attribution")) 517 518 ;; <rdar://problem/34986314> Sandbox Profiles changes for indigo pref 519 (mobile-preferences-read "com.apple.indigo") 520 521 ;; <rdar://problem/35417382>, <rdar://problem/35518557> 522 (allow mach-lookup 523 (global-name "com.apple.corespotlightservice")) 524 525 ;; <rdar://problem/35446577> 526 (allow mach-lookup 527 (global-name "com.apple.coremedia.endpointplaybacksession.xpc")) 528 529 ;; For the (define... nesting. 530 ) 274 (iokit-property "gyro-interrupt-calibration"))) 275 (with-filter (iokit-registry-entry-class "IOHIDEventServiceFastPathUserClient") 276 (allow iokit-open) 277 (allow iokit-get-properties iokit-set-properties 278 (iokit-property "interval" 279 "mode" 280 "QueueSize" 281 "useMag")) 282 (allow iokit-get-properties 283 (iokit-property "client"))) 284 285 ;; Common preferences read by UIKit. 
286 (mobile-preferences-read "com.apple.Accessibility" 287 "com.apple.UIKit" 288 "com.apple.WebUI" 289 "com.apple.airplay" 290 "com.apple.avkit" 291 "com.apple.coreanimation" 292 "com.apple.mt" 293 "com.apple.preferences.sounds" 294 "com.apple.telephonyutilities.dialassist") 295 296 ;; Silence sandbox violations from apps trying to create the empty plist if it doesn't exist. 297 ;; <rdar://problem/13796537> 298 (deny file-write-create 299 (home-prefix "/Library/Preferences/com.apple.UIKit.plist") 300 (with no-report)) 301 302 ;; <rdar://problem/10809394> 303 (deny file-write-create 304 (home-prefix "/Library/Preferences/com.apple.Accessibility.plist") 305 (with no-report)) 306 307 ;; <rdar://problem/9404009> 308 (mobile-preferences-read "kCFPreferencesAnyApplication") 309 310 ;; <rdar://problem/10266866> 311 (marco-logging-client) 312 313 ;; <rdar://problem/12250145> 314 (mobile-preferences-read "com.apple.mediaaccessibility") 315 316 ; Dictionary Services used by UITextFields. 317 ; <rdar://problem/9386926> 318 (allow-create-directory 319 (home-literal "/Library/Caches/com.apple.DictionaryServices")) 320 321 (allow-network-common)) 322 323 ; <rdar://problem/8548856> Sub-TLF: Sandbox change for apps for read-only access to the dictionary directory/data 324 (allow file-read* 325 ; XXX - /Library ought to be allowed in all UI profiles but isn't (CF, MobileSafari) 326 (subpath "/Library/Dictionaries") 327 (home-subpath "/Library/Dictionaries")) 328 329 ; <rdar://problem/8440231> 330 (allow file-read* 331 (home-literal "/Library/Caches/DateFormats.plist")) 332 ; Silently deny writes when CFData attempts to write to the cache directory. 333 (deny file-write* 334 (home-literal "/Library/Caches/DateFormats.plist") 335 (with no-log)) 336 337 ; UIKit-required IOKit nodes. 
338 (allow iokit-open 339 (iokit-user-client-class "AppleJPEGDriverUserClient") 340 (iokit-user-client-class "IOSurfaceAcceleratorClient") 341 (iokit-user-client-class "IOSurfaceSendRight") 342 ;; Requires by UIView -> UITextMagnifierRenderer -> UIWindow 343 (iokit-user-client-class "IOSurfaceRootUserClient")) 344 345 ;; <rdar://problem/12675621> 346 (allow iokit-open 347 (iokit-user-client-class "IOHIDLibUserClient")) 348 349 (framebuffer-access) 350 351 ;; <rdar://problem/7822790> 352 (mobile-keybag-access) 353 354 ; <rdar://problem/7595408> , <rdar://problem/7643881> 355 (opengl) 356 357 (location-services) 358 359 ; CRCopyRestrictionsDictionary periodically tries to CFPreferencesAppSynchronize com.apple.springboard.plist 360 ; which will attempt to create the plist if it doesn't exist -- from any application. Only SpringBoard is 361 ; allowed to write its plist; ignore all others, they don't know what they are doing. 362 ; See <rdar://problem/9375027> for sample backtraces. 363 (deny file-write* 364 (home-prefix "/Library/Preferences/com.apple.springboard.plist") 365 (with no-log)) 366 367 ;; For <rdar://problem/29428318> Allow DragUI mach service lookups for all UIKit apps 368 (allow mach-lookup 369 (global-name "com.apple.DragUI.druid.destination") 370 (global-name "com.apple.DragUI.druid.source")) 371 372 ;; <rdar://problem/30544378> Allow global lookup of com.apple.contactsd 373 (allow mach-lookup 374 (global-name "com.apple.contactsd")) 375 376 ;; <rdar://problem/31571441> need AX Drag-and-drop mach services added to default sandbox profile 377 (allow mach-lookup 378 (global-name "com.apple.VoiceOverTouch.drag.xpc") 379 (global-name "com.apple.assistivetouchd.drag.xpc")) 380 381 ;; <rdar://problem/34092690> 382 (allow mach-lookup 383 (xpc-service-name "com.apple.avkit.SharedPreferences")) 384 385 ;; <rdar://problem/34986314> 386 (mobile-preferences-read "com.apple.indigo") 387 388 ;; <rdar://problem/35417382>, <rdar://problem/35518557> 389 (allow 
mach-lookup 390 (global-name "com.apple.corespotlightservice")) 391 392 ;; <rdar://problem/35446577> 393 (allow mach-lookup 394 (global-name "com.apple.coremedia.endpointplaybacksession.xpc")) 531 395 532 396 ;;; 533 397 ;;; End UIKit-apps.sb content 534 398 ;;; 535 536 (uikit-app 'with-opengl 'with-location-services)537 399 538 400 ;; Access to media controls
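Review bot: At new line 321 the inlined rule reads `(allow-network-common))`, but the `(unless (memq 'without-network rest)` form that the second parenthesis used to close (old lines 434-435) was removed, so the new side appears to carry one unmatched `)`. The line should presumably be `(allow-network-common)`; the gutter numbers are fused into the text on this page, so confirm against the checked-in file. Because the ChangeLog states the update should not change behavior, it is worth compiling the profile and checking that the WebContent process still applies it, as an unbalanced profile might fail to load. The dropped `; rfc3484 -- from common.sb` comment could also be kept above that line so the origin of the network rule stays documented.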