Title: [245247] branches/safari-608.1.24-branch/Source/WebKit
- Revision
- 245247
- Author
- alanc...@apple.com
- Date
- 2019-05-13 13:10:43 -0700 (Mon, 13 May 2019)
Log Message
Cherry-pick r245246. rdar://problem/50727815
Correct the sandbox to allow loading libraries from /Library/Apple
https://bugs.webkit.org/show_bug.cgi?id=197844
Reviewed by Per Arne Vollan.
Grant access to '/Library/Apple' as an appropriate place to load
system frameworks.
* WebProcess/com.apple.WebProcess.sb.in:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245246 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-608.1.24-branch/Source/WebKit/ChangeLog (245246 => 245247)
--- branches/safari-608.1.24-branch/Source/WebKit/ChangeLog 2019-05-13 19:53:44 UTC (rev 245246)
+++ branches/safari-608.1.24-branch/Source/WebKit/ChangeLog 2019-05-13 20:10:43 UTC (rev 245247)
@@ -1,3 +1,32 @@
+2019-05-13 Alan Coon <alanc...@apple.com>
+
+ Cherry-pick r245246. rdar://problem/50727815
+
+ Correct the sandbox to allow loading libraries from /Library/Apple
+ https://bugs.webkit.org/show_bug.cgi?id=197844
+
+ Reviewed by Per Arne Vollan.
+
+ Grant access to '/Library/Apple' as an appropriate place to load
+ system frameworks.
+
+ * WebProcess/com.apple.WebProcess.sb.in:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245246 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2019-05-13 Brent Fulgham <bfulg...@apple.com>
+
+ Correct the sandbox to allow loading libraries from /Library/Apple
+ https://bugs.webkit.org/show_bug.cgi?id=197844
+
+ Reviewed by Per Arne Vollan.
+
+ Grant access to '/Library/Apple' as an appropriate place to load
+ system frameworks.
+
+ * WebProcess/com.apple.WebProcess.sb.in:
+
2019-05-12 Babak Shafiei <bshaf...@apple.com>
Cherry-pick r245195. rdar://problem/46548586
Modified: branches/safari-608.1.24-branch/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (245246 => 245247)
--- branches/safari-608.1.24-branch/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2019-05-13 19:53:44 UTC (rev 245246)
+++ branches/safari-608.1.24-branch/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2019-05-13 20:10:43 UTC (rev 245247)
@@ -40,6 +40,7 @@
(allow file-read*
(require-all (file-mode #o0004)
(require-any (subpath "/Library/Filesystems/NetFSPlugins")
+ (subpath "/Library/Apple/System")
(subpath "/Library/Preferences/Logging") ; Logging Rethink
(subpath "/System")
(subpath "/private/var/db/dyld")
@@ -53,6 +54,15 @@
(subpath "/AppleInternal/Library/Preferences/Logging")
(system-attribute apple-internal)))
+;;; Allow mapping of system frameworks + dylibs
+(allow file-map-executable
+ (subpath "/Library/Apple/System/Library/Frameworks")
+ (subpath "/Library/Apple/System/Library/PrivateFrameworks")
+ (subpath "/System/Library/Frameworks")
+ (subpath "/System/Library/PrivateFrameworks")
+ (subpath "/usr/lib")
+ (literal "/usr/local/lib/sanitizers"))
+
(allow file-read-metadata
(literal "/etc")
(literal "/tmp")
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
