Title: [243010] trunk/Source/WebKit
- Revision
- 243010
- Author
- pvol...@apple.com
- Date
- 2019-03-15 14:30:12 -0700 (Fri, 15 Mar 2019)
Log Message
[iOS] Fix sandbox violation
https://bugs.webkit.org/show_bug.cgi?id=195387
<rdar://problem/48442387>
Reviewed by Brent Fulgham.
The sandbox on iOS and macOS needs to allow mach lookup to the "com.apple.nesessionmanager.content-filter"
mach service. Also, mach lookups to "com.apple.nehelper" should be allowed.
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* WebProcess/com.apple.WebProcess.sb.in:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (243009 => 243010)
--- trunk/Source/WebKit/ChangeLog 2019-03-15 21:07:23 UTC (rev 243009)
+++ trunk/Source/WebKit/ChangeLog 2019-03-15 21:30:12 UTC (rev 243010)
@@ -1,3 +1,17 @@
+2019-03-15 Per Arne Vollan <pvol...@apple.com>
+
+ [iOS] Fix sandbox violation
+ https://bugs.webkit.org/show_bug.cgi?id=195387
+ <rdar://problem/48442387>
+
+ Reviewed by Brent Fulgham.
+
+ The sandbox on iOS and macOS needs to allow mach lookup to the "com.apple.nesessionmanager.content-filter"
+ mach service. Also, mach lookups to "com.apple.nehelper" should be allowed.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+ * WebProcess/com.apple.WebProcess.sb.in:
+
2019-03-15 Chris Dumez <cdu...@apple.com>
[PSON] Make sure the WebProcessCache is leverage when relaunching a process after termination
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (243009 => 243010)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2019-03-15 21:07:23 UTC (rev 243009)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2019-03-15 21:30:12 UTC (rev 243010)
@@ -121,6 +121,7 @@
;; Network Extensions / VPN helper.
(allow mach-lookup
(global-name "com.apple.nehelper")
+ (global-name "com.apple.nesessionmanager.content-filter") ;; <rdar://problem/48442387>
(global-name "com.apple.nesessionmanager"))
;; allow 3rd party applications to access nsurlstoraged's top level domain data cache
@@ -531,7 +532,6 @@
(global-name "com.apple.marco")
(global-name "com.apple.mediaserverd")
(global-name "com.apple.mobile.usermanagerd.xpc")
- (global-name "com.apple.nehelper")
(global-name "com.apple.nesessionmanager")
(global-name "com.apple.pegasus")
(global-name "com.apple.pluginkit.pkd")
Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (243009 => 243010)
--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2019-03-15 21:07:23 UTC (rev 243009)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2019-03-15 21:30:12 UTC (rev 243010)
@@ -678,7 +678,7 @@
;; Network Extensions / VPN helper.
(allow mach-lookup
(global-name "com.apple.nehelper")
- (global-name "com.apple.nesessionmanager"))
+ (global-name "com.apple.nesessionmanager.content-filter")) ;; <rdar://problem/48442387>
#if PLATFORM(MAC)
;; FIXME should be removed when <rdar://problem/9347205> + related radar in Safari is fixed
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes