Title: [228341] trunk/Source/WebKit
- Revision
- 228341
- Author
- bfulg...@apple.com
- Date
- 2018-02-09 15:56:41 -0800 (Fri, 09 Feb 2018)
Log Message
Sandbox violating attempting to read log formatting preference file
https://bugs.webkit.org/show_bug.cgi?id=182648
<rdar://problem/36629495>
Reviewed by Eric Carlson.
Various frameworks attempt to read logging format information from /usr/local/lib/log. The sandbox is blocking
this, generating log spam and preventing some logging features from working properly. We should allow read
access to this path.
* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* WebProcess/com.apple.WebProcess.sb.in:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (228340 => 228341)
--- trunk/Source/WebKit/ChangeLog 2018-02-09 23:41:34 UTC (rev 228340)
+++ trunk/Source/WebKit/ChangeLog 2018-02-09 23:56:41 UTC (rev 228341)
@@ -1,3 +1,20 @@
+2018-02-09 Brent Fulgham <bfulg...@apple.com>
+
+ Sandbox violating attempting to read log formatting preference file
+ https://bugs.webkit.org/show_bug.cgi?id=182648
+ <rdar://problem/36629495>
+
+ Reviewed by Eric Carlson.
+
+ Various frameworks attempt to read logging format information from /usr/local/lib/log. The sandbox is blocking
+ this, generating log spam and preventing some logging features from working properly. We should allow read
+ access to this path.
+
+ * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+ * WebProcess/com.apple.WebProcess.sb.in:
+
2018-02-08 Chris Dumez <cdu...@apple.com>
There should be a way to disable [OverrideBuiltins] behavior in a given DOMWrapperWorld
Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (228340 => 228341)
--- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2018-02-09 23:41:34 UTC (rev 228340)
+++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2018-02-09 23:56:41 UTC (rev 228341)
@@ -110,6 +110,10 @@
(subpath (param "WEBKIT2_FRAMEWORK_DIR")))
(allow system-fsctl (fsctl-command (_IO "h" 47)))
+(allow file-read-data
+ (literal "/usr/local/lib/log") ; <rdar://problem/36629495>
+)
+
;; Sandbox extensions
(define (apply-read-and-issue-extension op path-filter)
(op file-read* path-filter)
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (228340 => 228341)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2018-02-09 23:41:34 UTC (rev 228340)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2018-02-09 23:56:41 UTC (rev 228341)
@@ -66,6 +66,10 @@
(allow-well-known-system-group-container-subpath-read
"/systemgroup.com.apple.nsurlstoragedresources/Library/dafsaData.bin")
+(allow file-read-data
+ (literal "/usr/local/lib/log") ; <rdar://problem/36629495>
+)
+
;; Security framework
(allow mach-lookup
(global-name "com.apple.ocspd")
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (228340 => 228341)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2018-02-09 23:41:34 UTC (rev 228340)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2018-02-09 23:56:41 UTC (rev 228341)
@@ -370,6 +370,10 @@
;; Allow ManagedPreference access
(allow file-read* (literal "/private/var/Managed Preferences/mobile/com.apple.webcontentfilter.plist"))
+(allow file-read-data
+ (literal "/usr/local/lib/log") ; <rdar://problem/36629495>
+)
+
;; Allow mediaserverd to issue file extensions for the purposes of reading media
(allow file-issue-extension (require-all
(extension "com.apple.app-sandbox.read")
Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (228340 => 228341)
--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2018-02-09 23:41:34 UTC (rev 228340)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2018-02-09 23:56:41 UTC (rev 228341)
@@ -439,6 +439,7 @@
(home-subpath "/Library/Dictionaries"))
(allow file-read-data
+ (literal "/usr/local/lib/log") ; <rdar://problem/36629495>
;; Needed for AES3 support
(subpath "/Library/Audio/Plug-Ins/Components"))
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes