[webkit-changes] [235803] branches/safari-606-branch/Source/WebKit

Fri, 07 Sep 2018 13:09:52 -0700

Title: [235803] branches/safari-606-branch/Source/WebKit
Revision
235803
Author
[email protected]
Date
2018-09-07 13:08:22 -0700 (Fri, 07 Sep 2018)

Log Message

Cherry-pick r235506. rdar://problem/44169670

    [macOS] Whitelist Network process features for VPN
    https://bugs.webkit.org/show_bug.cgi?id=189023
    <rdar://problem/43310000>

    Reviewed by Eric Carlson.

    CFNetwork needs access to some VPN preference files to configure networking, and
    need to be allowed to communicate with the VPN process from the Network Process
    sandbox.

    * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@235506 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

Diff

Modified: branches/safari-606-branch/Source/WebKit/ChangeLog (235802 => 235803)


--- branches/safari-606-branch/Source/WebKit/ChangeLog	2018-09-07 20:08:20 UTC (rev 235802)
+++ branches/safari-606-branch/Source/WebKit/ChangeLog	2018-09-07 20:08:22 UTC (rev 235803)
@@ -1,5 +1,38 @@
 2018-09-06  Babak Shafiei  <[email protected]>
 
+        Cherry-pick r235506. rdar://problem/44169670
+
+    [macOS] Whitelist Network process features for VPN
+    https://bugs.webkit.org/show_bug.cgi?id=189023
+    <rdar://problem/43310000>
+    
+    Reviewed by Eric Carlson.
+    
+    CFNetwork needs access to some VPN preference files to configure networking, and
+    need to be allowed to communicate with the VPN process from the Network Process
+    sandbox.
+    
+    * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@235506 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2018-08-30  Brent Fulgham  <[email protected]>
+
+            [macOS] Whitelist Network process features for VPN
+            https://bugs.webkit.org/show_bug.cgi?id=189023
+            <rdar://problem/43310000>
+
+            Reviewed by Eric Carlson.
+
+            CFNetwork needs access to some VPN preference files to configure networking, and
+            need to be allowed to communicate with the VPN process from the Network Process
+            sandbox.
+
+            * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+
+2018-09-06  Babak Shafiei  <[email protected]>
+
         Cherry-pick r235569. rdar://problem/44169479
 
     Storage Access API: Maintain access through same-site navigations

Modified: branches/safari-606-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (235802 => 235803)


--- branches/safari-606-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2018-09-07 20:08:20 UTC (rev 235802)
+++ branches/safari-606-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2018-09-07 20:08:22 UTC (rev 235803)
@@ -155,6 +155,7 @@
     (global-name "com.apple.cookied")
     (global-name "com.apple.cfnetwork.AuthBrokerAgent")
     (global-name "com.apple.cfnetwork.cfnetworkagent")
+    (global-name "com.apple.ist.ds.appleconnect2.service.kdctunnelcontroller")
     (global-name "com.apple.lsd.mapdb")
     (global-name "com.apple.nesessionmanager.flow-divert-token")
 )
@@ -197,8 +198,17 @@
        (literal "/Library/Preferences/com.apple.security.revocation.plist")
        (home-literal "/Library/Application Support/SyncServices/Local/ClientsWithChanges/com.apple.Keychain")
        (home-literal "/Library/Preferences/com.apple.security.plist")
-       (home-literal "/Library/Preferences/com.apple.security.revocation.plist"))
+       (home-literal "/Library/Preferences/com.apple.security.revocation.plist")
 
+       ; Likewise for <rdar://problem/43310000>
+       (literal "/Library/Preferences/com.apple.ist.ds.appleconnect2.plist")
+       (literal "/Library/Preferences/com.apple.ist.ds.appleconnect2.production.plist")
+       (home-literal "/Library/Preferences/com.apple.ist.ds.appleconnect2.plist")
+       (home-literal "/Library/Preferences/com.apple.ist.ds.appleconnect2.production.plist")
+       (home-regex (string-append "/Library/Preferences/ByHost/com\.apple\.ist\.ds\.appleconnect2\." (uuid-regex-string) "\.plist$"))
+       (home-regex (string-append "/Library/Preferences/ByHost/com\.apple\.ist\.ds\.appleconnect2\.production\." (uuid-regex-string) "\.plist$"))
+)
+
 (allow ipc-posix-shm-read* ipc-posix-shm-write-data
        (ipc-posix-name "com.apple.AppleDatabaseChanged"))
 

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to