Title: [259474] trunk/Source/WebKit
- Revision
- 259474
- Author
- [email protected]
- Date
- 2020-04-03 10:55:09 -0700 (Fri, 03 Apr 2020)
Log Message
[macOS] Update sandbox rules for correct sanitizer paths in current OS releases
https://bugs.webkit.org/show_bug.cgi?id=209818
<rdar://problem/58422996>
Unreviewed follow-up based on feedback from the sanitizer team.
The change in r259317 left the original, incorrect, 'literal' form of the path, rather
than the correct 'subpath' form. This corrects that issue.
* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
* WebProcess/com.apple.WebProcess.sb.in:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (259473 => 259474)
--- trunk/Source/WebKit/ChangeLog 2020-04-03 17:54:42 UTC (rev 259473)
+++ trunk/Source/WebKit/ChangeLog 2020-04-03 17:55:09 UTC (rev 259474)
@@ -1,5 +1,19 @@
2020-04-03 Brent Fulgham <[email protected]>
+ [macOS] Update sandbox rules for correct sanitizer paths in current OS releases
+ https://bugs.webkit.org/show_bug.cgi?id=209818
+ <rdar://problem/58422996>
+
+ Unreviewed follow-up based on feedback from the sanitizer team.
+
+ The change in r259317 left the original, incorrect, 'literal' form of the path, rather
+ than the correct 'subpath' form. This corrects that issue.
+
+ * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+ * WebProcess/com.apple.WebProcess.sb.in:
+
+2020-04-03 Brent Fulgham <[email protected]>
+
Remove unneeded sandbox access to some file paths
https://bugs.webkit.org/show_bug.cgi?id=209938
<rdar://problem/59529620>
Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (259473 => 259474)
--- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2020-04-03 17:54:42 UTC (rev 259473)
+++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2020-04-03 17:55:09 UTC (rev 259474)
@@ -44,7 +44,7 @@
(subpath "/System/Library/Frameworks")
(subpath "/System/Library/PrivateFrameworks")
(subpath "/usr/lib")
- (literal "/usr/local/lib/sanitizers") ;; FIXME(209820)
+ (subpath "/usr/local/lib/sanitizers") ;; FIXME(209820)
(subpath "/usr/appleinternal/lib/sanitizers"))
(allow file-read-metadata
@@ -87,7 +87,7 @@
(literal "/dev/dtracehelper"))
(allow file-read*
- (literal "/usr/local/lib/sanitizers") ;; FIXME(209820)
+ (subpath "/usr/local/lib/sanitizers") ;; FIXME(209820)
(subpath "/usr/appleinternal/lib/sanitizers"))
(allow file-write-create
Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (259473 => 259474)
--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2020-04-03 17:54:42 UTC (rev 259473)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2020-04-03 17:55:09 UTC (rev 259474)
@@ -58,7 +58,7 @@
(subpath "/System/Library/Frameworks")
(subpath "/System/Library/PrivateFrameworks")
(subpath "/usr/lib")
- (literal "/usr/local/lib/sanitizers") ;; FIXME(209820)
+ (subpath "/usr/local/lib/sanitizers") ;; FIXME(209820)
(subpath "/usr/appleinternal/lib/sanitizers"))
(allow file-read-metadata
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
