Skip to site navigation (Press enter)

[webkit-changes] [265520] trunk/Source/WebKit

pvollan Tue, 11 Aug 2020 14:38:46 -0700

Title: [265520] trunk/Source/WebKit

Revision: 265520
Author: [email protected]
Date: 2020-08-11 14:37:07 -0700 (Tue, 11 Aug 2020)

Log Message

[macOS] Deny access to directory for compiled WebKit sandboxes
https://bugs.webkit.org/show_bug.cgi?id=215384


Reviewed by Brent Fulgham.

A WebKit process on macOS should not be allowed access to the directory containing compiled sandboxes
after entering the sandbox itself.

* GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
* WebProcess/com.apple.WebProcess.sb.in:

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in
trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in
trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in

Diff

Modified: trunk/Source/WebKit/ChangeLog (265519 => 265520)


--- trunk/Source/WebKit/ChangeLog	2020-08-11 21:32:19 UTC (rev 265519)
+++ trunk/Source/WebKit/ChangeLog	2020-08-11 21:37:07 UTC (rev 265520)
@@ -1,3 +1,17 @@
+2020-08-11  Per Arne Vollan  <[email protected]>
+
+        [macOS] Deny access to directory for compiled WebKit sandboxes
+        https://bugs.webkit.org/show_bug.cgi?id=215384
+
+        Reviewed by Brent Fulgham.
+
+        A WebKit process on macOS should not be allowed access to the directory containing compiled sandboxes
+        after entering the sandbox itself.
+
+        * GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
+        * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+        * WebProcess/com.apple.WebProcess.sb.in:
+
 2020-08-11  Tim Horton  <[email protected]>
 
         iOS: Scrolling and touch events sporadically stop working after navigating

Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (265519 => 265520)


--- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in	2020-08-11 21:32:19 UTC (rev 265519)
+++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in	2020-08-11 21:37:07 UTC (rev 265520)
@@ -551,6 +551,12 @@
 
 (if (positive? (string-length (param "DARWIN_USER_CACHE_DIR")))
     (allow-read-write-directory-and-issue-read-write-extensions (param "DARWIN_USER_CACHE_DIR")))
+    (deny file-read* file-write*
+        (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.WebContent.Sandbox")))
+    (deny file-read* file-write*
+        (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.Networking.Sandbox")))
+    (deny file-read* file-write*
+        (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.GPU.Sandbox")))
 
 (if (positive? (string-length (param "DARWIN_USER_TEMP_DIR")))
     (allow-read-write-directory-and-issue-read-write-extensions (param "DARWIN_USER_TEMP_DIR")))

Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (265519 => 265520)


--- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2020-08-11 21:32:19 UTC (rev 265519)
+++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2020-08-11 21:37:07 UTC (rev 265520)
@@ -276,6 +276,13 @@
 
 (allow file-read* file-write* (subpath (param "DARWIN_USER_CACHE_DIR")))
 
+(deny file-read* file-write*
+    (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.WebContent.Sandbox")))
+(deny file-read* file-write*
+    (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.Networking.Sandbox")))
+(deny file-read* file-write*
+    (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.GPU.Sandbox")))
+
 (allow file-read* file-write* (subpath (param "DARWIN_USER_TEMP_DIR")))
 
 ;; IOKit user clients

Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (265519 => 265520)


--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2020-08-11 21:32:19 UTC (rev 265519)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2020-08-11 21:37:07 UTC (rev 265520)
@@ -632,6 +632,12 @@
 
 (if (positive? (string-length (param "DARWIN_USER_CACHE_DIR")))
     (allow-read-write-directory-and-issue-read-write-extensions (param "DARWIN_USER_CACHE_DIR")))
+    (deny file-read* file-write*
+        (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.WebContent.Sandbox")))
+    (deny file-read* file-write*
+        (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.Networking.Sandbox")))
+    (deny file-read* file-write*
+        (subpath (string-append (param "DARWIN_USER_CACHE_DIR") "/com.apple.WebKit.GPU.Sandbox")))
 
 (if (positive? (string-length (param "DARWIN_USER_TEMP_DIR")))
     (allow-read-write-directory-and-issue-read-write-extensions (param "DARWIN_USER_TEMP_DIR")))

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes