[webkit-changes] [243900] trunk/Source/WebKit

Thu, 04 Apr 2019 13:48:17 -0700

Title: [243900] trunk/Source/WebKit
Revision
243900
Author
pvol...@apple.com
Date
2019-04-04 13:44:50 -0700 (Thu, 04 Apr 2019)

Log Message

[macOS] Fix sandbox violations
https://bugs.webkit.org/show_bug.cgi?id=196616
<rdar://problem/49498040>

Reviewed by Brent Fulgham.

Fix some observed sandbox violations in the WebContent process on macOS.

* WebProcess/com.apple.WebProcess.sb.in:

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (243899 => 243900)


--- trunk/Source/WebKit/ChangeLog	2019-04-04 20:44:29 UTC (rev 243899)
+++ trunk/Source/WebKit/ChangeLog	2019-04-04 20:44:50 UTC (rev 243900)
@@ -1,3 +1,15 @@
+2019-04-04  Per Arne Vollan  <pvol...@apple.com>
+
+        [macOS] Fix sandbox violations
+        https://bugs.webkit.org/show_bug.cgi?id=196616
+        <rdar://problem/49498040>
+
+        Reviewed by Brent Fulgham.
+
+        Fix some observed sandbox violations in the WebContent process on macOS.
+
+        * WebProcess/com.apple.WebProcess.sb.in:
+
 2019-04-04  Eric Carlson  <eric.carl...@apple.com>
 
         [MediaStream] Host should be able to mute screen capture and camera/microphone independently

Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (243899 => 243900)


--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2019-04-04 20:44:29 UTC (rev 243899)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2019-04-04 20:44:50 UTC (rev 243900)
@@ -375,6 +375,7 @@
     (iokit-property "cail_properties")
     (iokit-property "dpm")
 #endif
+    (iokit-property "IOGVAH264EncodeCapabilities") ;; <rdar://problem/49498040>
 )
 
 #if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300
@@ -641,7 +642,7 @@
        (subpath "/private/var/db/mds")
        (literal "/private/var/db/DetachedSignatures"))
 
-(allow ipc-posix-shm-read* ipc-posix-shm-write-data
+(allow ipc-posix-shm-read* ipc-posix-shm-write-data ipc-posix-shm-write-create
        (ipc-posix-name "com.apple.AppleDatabaseChanged"))
 
 ;; CoreFoundation. We don't import com.apple.corefoundation.sb, because it allows unnecessary access to pasteboard.

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to