Title: [254364] trunk
- Revision
- 254364
- Author
- [email protected]
- Date
- 2020-01-10 13:38:08 -0800 (Fri, 10 Jan 2020)
Log Message
[iOS] Remove 'com.apple.cookied' from the WebContent process sandbox
https://bugs.webkit.org/show_bug.cgi?id=206083
<rdar://problem/56963865>
Reviewed by Per Arne Vollan.
Telemetry and testing have confirmed that we no longer use the 'com.apple.cookied' mach connection
in the WebContent process on iOS. We should remove this from the WebContent process sandbox
Source/WebKit:
Tested by fast/sandbox/ios/sandbox-mach-lookup.html.
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
LayoutTests:
* fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
* fast/sandbox/ios/sandbox-mach-lookup.html:
Modified Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (254363 => 254364)
--- trunk/LayoutTests/ChangeLog 2020-01-10 20:39:31 UTC (rev 254363)
+++ trunk/LayoutTests/ChangeLog 2020-01-10 21:38:08 UTC (rev 254364)
@@ -1,5 +1,19 @@
2020-01-10 Brent Fulgham <[email protected]>
+ [iOS] Remove 'com.apple.cookied' from the WebContent process sandbox
+ https://bugs.webkit.org/show_bug.cgi?id=206083
+ <rdar://problem/56963865>
+
+ Reviewed by Per Arne Vollan.
+
+ Telemetry and testing have confirmed that we no longer use the 'com.apple.cookied' mach connection
+ in the WebContent process on iOS. We should remove this from the WebContent process sandbox
+
+ * fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
+ * fast/sandbox/ios/sandbox-mach-lookup.html:
+
+2020-01-10 Brent Fulgham <[email protected]>
+
Remove com.apple.locationd.registration from the WebContent sandbox
https://bugs.webkit.org/show_bug.cgi?id=206021
<rdar://problem/58451384>
Modified: trunk/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt (254363 => 254364)
--- trunk/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt 2020-01-10 20:39:31 UTC (rev 254363)
+++ trunk/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt 2020-01-10 21:38:08 UTC (rev 254364)
@@ -6,6 +6,7 @@
PASS internals.hasSandboxMachLookupAccessToXPCServiceName("com.apple.WebKit.WebContent", "com.apple.apple-extension-service") is false
PASS internals.hasSandboxMachLookupAccessToXPCServiceName("com.apple.WebKit.WebContent", "com.apple.viewservice") is false
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.TextInput") is false
+PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.cookied") is false
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.locationd.registration") is false
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.nehelper") is false
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.nesessionmanager") is false
Modified: trunk/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html (254363 => 254364)
--- trunk/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html 2020-01-10 20:39:31 UTC (rev 254363)
+++ trunk/LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html 2020-01-10 21:38:08 UTC (rev 254364)
@@ -9,6 +9,7 @@
shouldBeFalse("internals.hasSandboxMachLookupAccessToXPCServiceName(\"com.apple.WebKit.WebContent\", \"com.apple.apple-extension-service\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToXPCServiceName(\"com.apple.WebKit.WebContent\", \"com.apple.viewservice\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.TextInput\")");
+ shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.cookied\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.locationd.registration\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.nehelper\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.nesessionmanager\")");
Modified: trunk/Source/WebKit/ChangeLog (254363 => 254364)
--- trunk/Source/WebKit/ChangeLog 2020-01-10 20:39:31 UTC (rev 254363)
+++ trunk/Source/WebKit/ChangeLog 2020-01-10 21:38:08 UTC (rev 254364)
@@ -1,5 +1,20 @@
2020-01-10 Brent Fulgham <[email protected]>
+ [iOS] Remove 'com.apple.cookied' from the WebContent process sandbox
+ https://bugs.webkit.org/show_bug.cgi?id=206083
+ <rdar://problem/56963865>
+
+ Reviewed by Per Arne Vollan.
+
+ Telemetry and testing have confirmed that we no longer use the 'com.apple.cookied' mach connection
+ in the WebContent process on iOS. We should remove this from the WebContent process sandbox
+
+ Tested by fast/sandbox/ios/sandbox-mach-lookup.html.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
+2020-01-10 Brent Fulgham <[email protected]>
+
Remove com.apple.locationd.registration from the WebContent sandbox
https://bugs.webkit.org/show_bug.cgi?id=206021
<rdar://problem/58451384>
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (254363 => 254364)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2020-01-10 20:39:31 UTC (rev 254363)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2020-01-10 21:38:08 UTC (rev 254364)
@@ -939,7 +939,6 @@
(global-name "com.apple.analyticsd"))
(allow mach-lookup (with report) (with telemetry)
- (global-name "com.apple.cookied")
(global-name "com.apple.PowerManagement.control"))
(deny file-write-create (vnode-type SYMLINK))
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
