Skip to site navigation (Press enter)

[webkit-changes] [262496] trunk/Source/WebKit

bfulgham Wed, 03 Jun 2020 11:40:26 -0700

Title: [262496] trunk/Source/WebKit

Revision: 262496
Author: [email protected]
Date: 2020-06-03 11:39:02 -0700 (Wed, 03 Jun 2020)

Log Message

[iOS] Reduce sandbox logging by permitting necessary sysctl
https://bugs.webkit.org/show_bug.cgi?id=212710
<rdar://problem/63900239>


Reviewed by Per Arne Vollan.

Telemetry indicates that we need to access "sysctl.name2oid" in the
Network process during error handling for HTTP connections. Allow this
access and avoid generating unnecessary logging for this case.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb

Diff

Modified: trunk/Source/WebKit/ChangeLog (262495 => 262496)


--- trunk/Source/WebKit/ChangeLog	2020-06-03 18:07:49 UTC (rev 262495)
+++ trunk/Source/WebKit/ChangeLog	2020-06-03 18:39:02 UTC (rev 262496)
@@ -1,3 +1,17 @@
+2020-06-03  Brent Fulgham  <[email protected]>
+
+        [iOS] Reduce sandbox logging by permitting necessary sysctl
+        https://bugs.webkit.org/show_bug.cgi?id=212710
+        <rdar://problem/63900239>
+
+        Reviewed by Per Arne Vollan.
+
+        Telemetry indicates that we need to access "sysctl.name2oid" in the
+        Network process during error handling for HTTP connections. Allow this
+        access and avoid generating unnecessary logging for this case.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+
 2020-06-03  Youenn Fablet  <[email protected]>
 
         Add more logging related to service worker fetch event handling

Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (262495 => 262496)


--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb	2020-06-03 18:07:49 UTC (rev 262495)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb	2020-06-03 18:39:02 UTC (rev 262496)
@@ -481,7 +481,6 @@
     (sysctl-name "kern.usrstack64")
     (sysctl-name "kern.waketime")
     (sysctl-name "security.mac.sandbox.sentinel")
-    (sysctl-name "sysctl.name2oid")
     (sysctl-name "vm.loadavg")
     (sysctl-name-prefix "kern.argmax")
     (sysctl-name-prefix "kern.proc.pid.")
@@ -566,6 +565,7 @@
         "kern.secure_kernel" ;; Needed by XPC bundle resolution
         "kern.tcsm_available" ;; Needed for IndexedDB support
         "kern.version"
+        "sysctl.name2oid"
         "vm.footprint_suspend"))
 
 ;; Access to client's cache folder & re-vending to CFNetwork.

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes