Title: [101860] trunk/Source/WebKit2
- Revision
- 101860
- Author
- [email protected]
- Date
- 2011-12-02 14:56:23 -0800 (Fri, 02 Dec 2011)
Log Message
Update sandbox rules
https://bugs.webkit.org/show_bug.cgi?id=73675
<rdar://problem/9276430>
Reviewed by Sam Weinig.
* WebProcess/com.apple.WebProcess.sb:
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (101859 => 101860)
--- trunk/Source/WebKit2/ChangeLog 2011-12-02 22:49:58 UTC (rev 101859)
+++ trunk/Source/WebKit2/ChangeLog 2011-12-02 22:56:23 UTC (rev 101860)
@@ -1,3 +1,13 @@
+2011-12-02 Alexey Proskuryakov <[email protected]>
+
+ Update sandbox rules
+ https://bugs.webkit.org/show_bug.cgi?id=73675
+ <rdar://problem/9276430>
+
+ Reviewed by Sam Weinig.
+
+ * WebProcess/com.apple.WebProcess.sb:
+
2011-12-02 Andy Estes <[email protected]>
WebKit2: Freeze the state of the layer tree until frame load completion if incremental rendering is suppressed
Modified: trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb (101859 => 101860)
--- trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb 2011-12-02 22:49:58 UTC (rev 101859)
+++ trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb 2011-12-02 22:56:23 UTC (rev 101860)
@@ -24,11 +24,13 @@
(subpath "/Library/Dictionaries")
(subpath "/Library/Fonts")
(subpath "/Library/Frameworks")
- (subpath "/Library/Keychains")
(subpath "/private/var/db/mds")
(subpath "/private/var/db/DetachedSignatures")
(regex #"^/private/etc/(hosts|group|passwd)$")
+ ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
+ (subpath "/Library/Keychains")
+
;; System and user preferences
(literal "/Library/Preferences/.GlobalPreferences.plist")
(literal "/Library/Preferences/com.apple.crypto.plist")
@@ -86,16 +88,10 @@
(home-subpath "/Library/Caches/com.apple.WebProcess")
(home-regex "/Library/Preferences/ByHost/com\.apple\.HIToolbox\.")
(home-regex "/Library/Preferences/com\.apple\.WebProcess\.")
- (home-subpath "/Library/Keychains")
- ;; FIXME: This should be removed when <rdar://problem/9276430> is fixed.
- (home-literal "/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2")
- (home-literal "/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2-journal"))
+ ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
+ (home-subpath "/Library/Keychains"))
-(allow file-read-data
- ;; FIXME: This should be removed when <rdar://problem/9276430> is fixed.
- (home-literal "/Library/Preferences"))
-
;; Non-user Security mds caches
(allow file*
(subpath "/private/var/db/mds/system"))
@@ -166,8 +162,6 @@
(global-name "com.apple.system.opendirectoryd.api")
(global-name "com.apple.window_proxies")
(global-name "com.apple.windowserver.active")
-
- ;; FIXME: This will be superfluous once <rdar://problem/10420555> is fixed.
(global-name "com.apple.cfnetwork.AuthBrokerAgent")
;; FIXME: This should be removed when <rdar://problem/9276393> is fixed.
@@ -209,6 +203,10 @@
(literal "/private/etc/services")
(literal "/private/etc/host"))
-;; FIXME: Should be removed after <rdar://problem/9422957> is fixed
(deny file-read* file-write* (with no-log)
- (home-literal "/Library/Caches/Cache.db"))
+ ;; FIXME: Should be removed after <rdar://problem/9422957> is fixed.
+ (home-literal "/Library/Caches/Cache.db")
+
+ ;; FIXME: Should be removed after <rdar://problem/10463881> is fixed.
+ (home-literal "/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2")
+ (home-literal "/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2-journal"))
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
