[webkit-changes] [289936] branches/safari-613-branch/Source/WebKit/NetworkProcess/mac/ com.apple.WebKit.NetworkProcess.sb.in

Wed, 16 Feb 2022 12:17:08 -0800

Title: [289936] branches/safari-613-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in
Revision
289936
Author
[email protected]
Date
2022-02-16 12:16:15 -0800 (Wed, 16 Feb 2022)

Log Message

Cherry-pick r289858. rdar://problem/88787266

    [macOS] Add access to mach service in the Networking process for all users
    https://bugs.webkit.org/show_bug.cgi?id=236653
    <rdar://88787266>

    Reviewed by Brent Fulgham.

    We currently allow access to "com.apple.trustd" for the root user. Access to this service is needed for all users.
    This issue was introduced in https://trac.webkit.org/changeset/283012/webkit, and this patch also reverts this
    change for older versions of macOS.

    * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289858 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

Diff

Modified: branches/safari-613-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (289935 => 289936)


--- branches/safari-613-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2022-02-16 20:16:13 UTC (rev 289935)
+++ branches/safari-613-branch/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2022-02-16 20:16:15 UTC (rev 289936)
@@ -114,13 +114,24 @@
 (allow mach-lookup (global-name "com.apple.coreservices.launchservicesd"))
 #endif
 
+#if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 130000
 (allow mach-lookup
-       (global-name "com.apple.system.opendirectoryd.libinfo")
-       (global-name "com.apple.trustd.agent"))
+    (global-name
+        "com.apple.analyticsd.messagetracer"
+        "com.apple.appsleep"
+        "com.apple.bsd.dirhelper"
+        "com.apple.espd"
+        "com.apple.secinitd"
+        "com.apple.system.DirectoryService.libinfo_v1"
+        "com.apple.system.logger"
+        "com.apple.system.opendirectoryd.membership"
+        "com.apple.xpc.activity.unmanaged"))
+#endif
 
-(with-filter (uid 0)
-    (allow mach-lookup
-       (global-name "com.apple.trustd")))
+(allow mach-lookup
+    (global-name "com.apple.system.opendirectoryd.libinfo")
+    (global-name "com.apple.trustd")
+    (global-name "com.apple.trustd.agent"))
 
 (define (system-network)
     (allow file-read*

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to