Skip to site navigation (Press enter)

[webkit-changes] [254989] trunk/Source/WebKit

bfulgham Thu, 23 Jan 2020 11:07:31 -0800

Title: [254989] trunk/Source/WebKit

Revision: 254989
Author: [email protected]
Date: 2020-01-23 11:05:24 -0800 (Thu, 23 Jan 2020)

Log Message

[iOS] Camera is lost during WebRTC demo
https://bugs.webkit.org/show_bug.cgi?id=206613
<rdar://problem/58764572>


Patch by Per Arne Vollan <[email protected]> on 2020-01-23
Reviewed by Brent Fulgham.

Fix observed sandbox violations in the Networking process.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb

Diff

Modified: trunk/Source/WebKit/ChangeLog (254988 => 254989)


--- trunk/Source/WebKit/ChangeLog	2020-01-23 19:03:42 UTC (rev 254988)
+++ trunk/Source/WebKit/ChangeLog	2020-01-23 19:05:24 UTC (rev 254989)
@@ -1,3 +1,15 @@
+2020-01-23  Per Arne Vollan  <[email protected]>
+
+        [iOS] Camera is lost during WebRTC demo
+        https://bugs.webkit.org/show_bug.cgi?id=206613
+        <rdar://problem/58764572>
+
+        Reviewed by Brent Fulgham.
+
+        Fix observed sandbox violations in the Networking process.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+
 2020-01-23  Brent Fulgham  <[email protected]>
 
         Stop capturing telemetry for well-understood sandbox rules (206562)

Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (254988 => 254989)


--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb	2020-01-23 19:03:42 UTC (rev 254988)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb	2020-01-23 19:05:24 UTC (rev 254989)
@@ -641,3 +641,21 @@
 ;; Various shared memory accesses required by system frameworks
 (allow ipc-posix-shm-read-data
     (ipc-posix-name "/com.apple.AppSSO.version"))
+
+;; Access to ContainerManager
+(allow mach-lookup
+    (global-name "com.apple.containermanagerd"))
+(allow ipc-posix-sem-open
+    (ipc-posix-name "containermanagerd.fb_check"))
+
+(allow file-read*
+    (literal "/dev/random")
+    (literal "/dev/urandom"))
+
+;; Access to MobileGestalt
+(allow mach-lookup
+    (global-name "com.apple.mobilegestalt.xpc"))
+(allow file-read*
+    (well-known-system-group-container-literal "/systemgroup.com.apple.mobilegestaltcache/Library/Caches/com.apple.MobileGestalt.plist"))
+(allow iokit-get-properties
+    (iokit-property "IORegistryEntryPropertyKeys"))

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes