[webkit-changes] [212883] trunk/Source/WebKit2

[eric . carlson]

Title: [212883] trunk/Source/WebKit2

Revision

212883

Author

eric.carl...@apple.com

Date

2017-02-23 07:13:16 -0800 (Thu, 23 Feb 2017)

Log Message

[MediaStream iOS] Allow web process sandbox to be extended for media capture
https://bugs.webkit.org/show_bug.cgi?id=168756

Reviewed by Brent Fulgham.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: Add rules to dynamically
extend the sandbox to allow access to the camera and/or microphone.

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb

Diff

Modified: trunk/Source/WebKit2/ChangeLog (212882 => 212883)

--- trunk/Source/WebKit2/ChangeLog	2017-02-23 11:27:10 UTC (rev 212882)
+++ trunk/Source/WebKit2/ChangeLog	2017-02-23 15:13:16 UTC (rev 212883)
@@ -1,3 +1,13 @@
+2017-02-23  Eric Carlson  <eric.carl...@apple.com>
+
+        [MediaStream iOS] Allow web process sandbox to be extended for media capture
+        https://bugs.webkit.org/show_bug.cgi?id=168756
+
+        Reviewed by Brent Fulgham.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: Add rules to dynamically
+        extend the sandbox to allow access to the camera and/or microphone.
+
 2017-02-23  Tomas Popela  <tpop...@redhat.com>
 
         [GTK] Drag and drop is always moving the content even if copy is requested

Modified: trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (212882 => 212883)

--- trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2017-02-23 11:27:10 UTC (rev 212882)
+++ trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2017-02-23 15:13:16 UTC (rev 212883)
@@ -101,3 +101,27 @@
 ;; Allow CoreMedia to communicate with mediaserverd in order to implement custom media loading
 (allow mach-lookup
     (global-name "com.apple.coremedia.customurlloader.xpc"))
+
+;; Media capture, microphone access
+(with-filter (extension "com.apple.webkit.microphone")
+    (allow device-microphone))
+
+;; Media capture, camera access
+(with-filter (extension "com.apple.webkit.camera")
+    (shared-preferences-read "com.apple.coremedia")
+    (allow file-read* (subpath "/Library/CoreMediaIO/Plug-Ins/DAL"))
+    (allow mach-lookup (extension "com.apple.app-sandbox.mach"))
+    (allow mach-lookup
+        (global-name "com.apple.coremedia.videoqueue")
+        (global-name "com.apple.cmio.AppleCameraAssistant")
+        ;; Apple DAL assistants
+        (global-name "com.apple.cmio.VDCAssistant")
+        (global-name "com.apple.cmio.AVCAssistant")
+        (global-name "com.apple.cmio.IIDCVideoAssistant")
+        ;; QuickTimeIIDCDigitizer assistant
+        (global-name "com.apple.IIDCAssistant"))
+    (allow iokit-open
+        ;; QuickTimeUSBVDCDigitizer
+        (iokit-user-client-class "IOUSBDeviceUserClientV2")
+        (iokit-user-client-class "IOUSBInterfaceUserClientV2"))
+    (allow device-camera))

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes