[webkit-changes] [204461] trunk/Source/WebKit2

[bfulgham]

Title: [204461] trunk/Source/WebKit2

Revision

204461

Author

bfulg...@apple.com

Date

2016-08-15 09:10:09 -0700 (Mon, 15 Aug 2016)

Log Message

Add Sandbox profile for Enterprise support version of Flash Player
https://bugs.webkit.org/show_bug.cgi?id=160753
<rdar://problem/17614483>

Reviewed by Andy Estes.

* Resources/PlugInSandboxProfiles/com.macromedia.Flash Player ESR.plugin.sb: Added.
* WebKit2.xcodeproj/project.pbxproj: Add reference to new sandbox profile.

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj

Added Paths

• trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player ESR.plugin.sb

Diff

Modified: trunk/Source/WebKit2/ChangeLog (204460 => 204461)

--- trunk/Source/WebKit2/ChangeLog	2016-08-15 09:56:18 UTC (rev 204460)
+++ trunk/Source/WebKit2/ChangeLog	2016-08-15 16:10:09 UTC (rev 204461)
@@ -1,3 +1,14 @@
+2016-08-10  Brent Fulgham  <bfulg...@apple.com>
+
+        Add Sandbox profile for Enterprise support version of Flash Player
+        https://bugs.webkit.org/show_bug.cgi?id=160753
+        <rdar://problem/17614483>
+
+        Reviewed by Andy Estes.
+
+        * Resources/PlugInSandboxProfiles/com.macromedia.Flash Player ESR.plugin.sb: Added.
+        * WebKit2.xcodeproj/project.pbxproj: Add reference to new sandbox profile.
+
 2016-08-14  Dan Bernstein  <m...@apple.com>
 
         [Cocoa] Remove deprecated _WKFormDelegate

Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player ESR.plugin.sb (0 => 204461)

--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player ESR.plugin.sb	                        (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player ESR.plugin.sb	2016-08-15 16:10:09 UTC (rev 204461)
@@ -0,0 +1,64 @@
+; Copyright (C) 2016 Apple Inc. All rights reserved.
+;
+; Redistribution and use in source and binary forms, with or without
+; modification, are permitted provided that the following conditions
+; are met:
+; 1. Redistributions of source code must retain the above copyright
+;    notice, this list of conditions and the following disclaimer.
+; 2. Redistributions in binary form must reproduce the above copyright
+;    notice, this list of conditions and the following disclaimer in the
+;    documentation and/or other materials provided with the distribution.
+;
+; THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+; THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+; PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+; BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+; SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+; CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+; ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+; THE POSSIBILITY OF SUCH DAMAGE.
+
+(webkit-powerbox)
+(webkit-printing)
+(webkit-camera)
+(webkit-microphone)
+
+(allow ipc-posix-sem
+    (ipc-posix-name "MacromediaSemaphoreDig")
+    (ipc-posix-name "59918130"))
+
+(allow file-read*
+    (home-literal "/mm.cfg")
+    (home-literal "/mms.cfg"))
+
+(deny file-read-xattr (with no-log)
+    (home-library-literal "/Caches")
+    (home-library-preferences-literal "/"))
+
+(allow file-read* file-write-create file-write-mode file-write-owner
+    (home-library-literal "/Caches/Adobe")
+    (home-library-preferences-literal "/Macromedia"))
+
+(allow file-read* file-write*
+    (literal "/Library/Application Support/Macromedia/mms.cfg")
+    (home-library-literal "/Application Support/Macromedia/mms.cfg")
+    (home-library-subpath "/Caches/Adobe/Flash Player")
+    (home-library-preferences-subpath "/Macromedia/Flash Player"))
+
+(allow file-read*
+    (literal "/Library/PreferencePanes/Flash Player.prefPane")
+    (home-library-literal "/PreferencePanes/Flash Player.prefPane")
+    (home-library-regex "/Application Support/Macromedia/ss\.(cfg|cfn|sgn)$"))
+
+(allow file-read* file-write*
+    (mount-relative-regex #"^/\.TemporaryItems/"))
+
+(deny file-read* (with no-log)
+    (literal "/Library/Application Support/Macromedia/FlashAuthor.cfg")
+    (subpath "/Library/Application Support/Macromedia/FlashPlayerTrust"))
+
+(allow network-bind (local ip))
+

Modified: trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj (204460 => 204461)

--- trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj	2016-08-15 09:56:18 UTC (rev 204460)
+++ trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj	2016-08-15 16:10:09 UTC (rev 204461)
@@ -1076,6 +1076,7 @@
 		75A8D2E1187DEC1A00C39C9E /* APISession.h in Headers */ = {isa = PBXBuildFile; fileRef = 75A8D2DE187DE87400C39C9E /* APISession.h */; };
 		75A8D2E2187DEC1E00C39C9E /* APISession.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 75A8D2DD187DE87400C39C9E /* APISession.cpp */; };
 		762B748D120BC75C00819339 /* WKPreferencesRefPrivate.h in Headers */ = {isa = PBXBuildFile; fileRef = 762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */; settings = {ATTRIBUTES = (Private, ); }; };
+		7A5E394A1D5BD8BE00B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb in Resources */ = {isa = PBXBuildFile; fileRef = 7A5E39491D5BD8A700B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb */; };
 		7A791EFA1C7CFCF100C4C52B /* WebResourceLoadStatisticsStoreMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 7A791EF91C7CFB3700C4C52B /* WebResourceLoadStatisticsStoreMessageReceiver.cpp */; };
 		7A791EFB1C7CFD0100C4C52B /* WebResourceLoadStatisticsStoreMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = 7A791EF81C7CFB1000C4C52B /* WebResourceLoadStatisticsStoreMessages.h */; };
 		7A791EFC1C7D08C500C4C52B /* WebResourceLoadStatisticsStore.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 7A9CD8C01C77984900D9F6C7 /* WebResourceLoadStatisticsStore.cpp */; };
@@ -3147,6 +3148,7 @@
 		75A8D2DE187DE87400C39C9E /* APISession.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = APISession.h; path = UIProcess/API/APISession.h; sourceTree = SOURCE_ROOT; };
 		762B7481120BBA0100819339 /* FontSmoothingLevel.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FontSmoothingLevel.h; sourceTree = "<group>"; };
 		762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKPreferencesRefPrivate.h; sourceTree = "<group>"; };
+		7A5E39491D5BD8A700B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.macromedia.Flash Player ESR.plugin.sb"; sourceTree = "<group>"; };
 		7A791EF81C7CFB1000C4C52B /* WebResourceLoadStatisticsStoreMessages.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebResourceLoadStatisticsStoreMessages.h; sourceTree = "<group>"; };
 		7A791EF91C7CFB3700C4C52B /* WebResourceLoadStatisticsStoreMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebResourceLoadStatisticsStoreMessageReceiver.cpp; sourceTree = "<group>"; };
 		7A9CD8C01C77984900D9F6C7 /* WebResourceLoadStatisticsStore.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebResourceLoadStatisticsStore.cpp; sourceTree = "<group>"; };
@@ -5778,6 +5780,7 @@
 				7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */,
 				7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */,
 				7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */,
+				7A5E39491D5BD8A700B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb */,
 				7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */,
 				7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */,
 			);
@@ -8568,6 +8571,7 @@
 				E11D35AE16B63D1B006D23D7 /* com.apple.WebProcess.sb in Resources */,
 				8DC2EF530486A6940098B216 /* InfoPlist.strings in Resources */,
 				93A2A3461D246125002B59D3 /* mediaIcon.pdf in Resources */,
+				7A5E394A1D5BD8BE00B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb in Resources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes