Changeset 251688 in webkit
- Timestamp:
- Oct 28, 2019 5:21:53 PM (4 years ago)
- Location:
- trunk/Source/WebKit
- Files:
-
- 2 edited
-
ChangeLog (modified) (1 diff)
-
Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit/ChangeLog
r251687 r251688 1 2019-10-28 Per Arne Vollan <pvollan@apple.com> 2 3 [iOS] Fix sandbox violations 4 https://bugs.webkit.org/show_bug.cgi?id=203505 5 6 Reviewed by Brent Fulgham. 7 8 Running layout tests shows that allowing mach lookup is needed for a set of services which was previously denied. 9 This patch add rules for allowing these services again. The service 'com.apple.logd.events' is still denied, since 10 it has not been observed to be in use. 11 12 No new tests, covered by existing tests. 13 14 * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: 15 1 16 2019-10-28 Alex Christensen <achristensen@webkit.org> 2 17 -
trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
r251612 r251688 452 452 (extension "com.apple.fileprovider.read-write"))) 453 453 454 (deny mach-lookup (with no-report) 455 (global-name "com.apple.logd") 454 (allow mach-lookup 455 (global-name "com.apple.logd")) 456 457 (deny mach-lookup (with send-signal SIGKILL) 456 458 (global-name "com.apple.logd.events")) 459 460 (allow mach-lookup 461 (global-name "com.apple.cfprefsd.daemon")) 457 462 458 463 (allow ipc-posix-shm-read* 459 464 (ipc-posix-name-prefix "apple.cfprefs.")) 465 466 (allow mach-lookup 467 (global-name "com.apple.lsd.mapdb")) 460 468 461 469 ;; <rdar://problem/12413942> … … 485 493 (literal "/private/var/run/syslog")) 486 494 487 ( deny mach-lookup (with no-report)495 (allow mach-lookup 488 496 (global-name "com.apple.system.notification_center")) 489 ( deny ipc-posix-shm-read* (with no-report)497 (allow ipc-posix-shm-read* 490 498 (ipc-posix-name "apple.shm.notification_center")) 491 499
Note: See TracChangeset
for help on using the changeset viewer.
