Title: [283012] trunk/Source/WebKit
- Revision
- 283012
- Author
- [email protected]
- Date
- 2021-09-23 14:57:21 -0700 (Thu, 23 Sep 2021)
Log Message
Remove access to unused services in the Networking access
https://bugs.webkit.org/show_bug.cgi?id=230715
<rdar://problem/83462947>
Reviewed by Brent Fulgham.
Telemetry is showing that some services allowed in the Networking process' sandbox are unused. These should be removed.
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (283011 => 283012)
--- trunk/Source/WebKit/ChangeLog 2021-09-23 21:54:28 UTC (rev 283011)
+++ trunk/Source/WebKit/ChangeLog 2021-09-23 21:57:21 UTC (rev 283012)
@@ -1,5 +1,19 @@
2021-09-23 Per Arne Vollan <[email protected]>
+ Remove access to unused services in the Networking access
+ https://bugs.webkit.org/show_bug.cgi?id=230715
+ <rdar://problem/83462947>
+
+ Reviewed by Brent Fulgham.
+
+ Telemetry is showing that some services allowed in the Networking process' sandbox are unused. These should be removed.
+
+ * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+ (-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+ * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+
+2021-09-23 Per Arne Vollan <[email protected]>
+
Remove access to unused services in the GPU process
https://bugs.webkit.org/show_bug.cgi?id=230716
<rdar://problem/83464232>
Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (283011 => 283012)
--- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2021-09-23 21:54:28 UTC (rev 283011)
+++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2021-09-23 21:57:21 UTC (rev 283012)
@@ -113,21 +113,8 @@
(ipc-posix-name-prefix "apple.cfprefs."))
(allow mach-lookup (with report) (with telemetry)
- (global-name "com.apple.analyticsd.messagetracer")
- (global-name "com.apple.appsleep")
- (global-name "com.apple.bsd.dirhelper")
- (global-name "com.apple.cfprefsd.agent")
- (global-name "com.apple.cfprefsd.daemon")
- (global-name "com.apple.espd")
- (global-name "com.apple.secinitd")
- (global-name "com.apple.system.DirectoryService.libinfo_v1")
- (global-name "com.apple.system.logger")
(global-name "com.apple.system.opendirectoryd.libinfo")
- (global-name "com.apple.system.opendirectoryd.membership")
- (global-name "com.apple.trustd")
- (global-name "com.apple.trustd.agent")
- (global-name "com.apple.xpc.activity.unmanaged")
- (local-name "com.apple.cfprefsd.agent"))
+ (global-name "com.apple.trustd.agent"))
(with-filter (system-attribute apple-internal)
(allow mach-lookup (global-name "com.apple.internal.objc_trace")))
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
