[webkit-changes] [140754] trunk/Source/WebKit2

Thu, 24 Jan 2013 17:07:58 -0800

Title: [140754] trunk/Source/WebKit2
Revision
140754
Author
[email protected]
Date
2013-01-24 17:09:46 -0800 (Thu, 24 Jan 2013)

Log Message

        <rdar://problem/9971916> [WK2] Update sandbox extension usage
        https://bugs.webkit.org/show_bug.cgi?id=107861

        Reviewed by Sam Weinig.

        * Shared/SandboxExtension.h:
        * Shared/mac/SandboxExtensionMac.mm:
        (WebKit::wkSandboxExtensionType):
        * UIProcess/Downloads/DownloadProxy.cpp:
        (WebKit::DownloadProxy::decideDestinationWithSuggestedFilename):
        * UIProcess/WebContext.cpp:
        (WebKit::WebContext::createNewWebProcess):
        (WebKit::WebContext::processDidFinishLaunching):
        (WebKit::WebContext::startMemorySampler):
        * WebProcess/com.apple.WebProcess.sb.in:

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (140753 => 140754)


--- trunk/Source/WebKit2/ChangeLog	2013-01-25 01:02:47 UTC (rev 140753)
+++ trunk/Source/WebKit2/ChangeLog	2013-01-25 01:09:46 UTC (rev 140754)
@@ -1,3 +1,21 @@
+2013-01-24  Alexey Proskuryakov  <[email protected]>
+
+        <rdar://problem/9971916> [WK2] Update sandbox extension usage
+        https://bugs.webkit.org/show_bug.cgi?id=107861
+
+        Reviewed by Sam Weinig.
+
+        * Shared/SandboxExtension.h:
+        * Shared/mac/SandboxExtensionMac.mm:
+        (WebKit::wkSandboxExtensionType):
+        * UIProcess/Downloads/DownloadProxy.cpp:
+        (WebKit::DownloadProxy::decideDestinationWithSuggestedFilename):
+        * UIProcess/WebContext.cpp:
+        (WebKit::WebContext::createNewWebProcess):
+        (WebKit::WebContext::processDidFinishLaunching):
+        (WebKit::WebContext::startMemorySampler):
+        * WebProcess/com.apple.WebProcess.sb.in:
+
 2013-01-24  Brady Eidson  <[email protected]>
 
         Move Authentication and Downloads from WebProcess to Shared.

Modified: trunk/Source/WebKit2/Shared/SandboxExtension.h (140753 => 140754)


--- trunk/Source/WebKit2/Shared/SandboxExtension.h	2013-01-25 01:02:47 UTC (rev 140753)
+++ trunk/Source/WebKit2/Shared/SandboxExtension.h	2013-01-25 01:09:46 UTC (rev 140754)
@@ -47,8 +47,7 @@
 public:
     enum Type {
         ReadOnly,
-        WriteOnly,
-        ReadWrite,
+        ReadWrite
     };
 
     class Handle {

Modified: trunk/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm (140753 => 140754)


--- trunk/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm	2013-01-25 01:02:47 UTC (rev 140753)
+++ trunk/Source/WebKit2/Shared/mac/SandboxExtensionMac.mm	2013-01-25 01:09:46 UTC (rev 140754)
@@ -160,14 +160,11 @@
     switch (type) {
     case SandboxExtension::ReadOnly:
         return WKSandboxExtensionTypeReadOnly;
-    case SandboxExtension::WriteOnly:
-        return WKSandboxExtensionTypeWriteOnly;
     case SandboxExtension::ReadWrite:
         return WKSandboxExtensionTypeReadWrite;
     }
 
-    ASSERT_NOT_REACHED();
-    return WKSandboxExtensionTypeReadOnly;
+    CRASH();
 }
 
 static CString resolveSymlinksInPath(const CString& path)

Modified: trunk/Source/WebKit2/UIProcess/Downloads/DownloadProxy.cpp (140753 => 140754)


--- trunk/Source/WebKit2/UIProcess/Downloads/DownloadProxy.cpp	2013-01-25 01:02:47 UTC (rev 140753)
+++ trunk/Source/WebKit2/UIProcess/Downloads/DownloadProxy.cpp	2013-01-25 01:09:46 UTC (rev 140754)
@@ -159,7 +159,7 @@
     destination = m_webContext->downloadClient().decideDestinationWithSuggestedFilename(m_webContext.get(), this, filename, allowOverwrite);
 
     if (!destination.isNull())
-        SandboxExtension::createHandle(destination, SandboxExtension::WriteOnly, sandboxExtensionHandle);
+        SandboxExtension::createHandle(destination, SandboxExtension::ReadWrite, sandboxExtensionHandle);
 }
 
 void DownloadProxy::didCreateDestination(const String& path)

Modified: trunk/Source/WebKit2/UIProcess/WebContext.cpp (140753 => 140754)


--- trunk/Source/WebKit2/UIProcess/WebContext.cpp	2013-01-25 01:02:47 UTC (rev 140753)
+++ trunk/Source/WebKit2/UIProcess/WebContext.cpp	2013-01-25 01:09:46 UTC (rev 140754)
@@ -474,7 +474,7 @@
 
     parameters.cookieStorageDirectory = cookieStorageDirectory();
     if (!parameters.cookieStorageDirectory.isEmpty())
-        SandboxExtension::createHandle(parameters.cookieStorageDirectory, SandboxExtension::ReadWrite, parameters.cookieStorageDirectoryExtensionHandle);
+        SandboxExtension::createHandleForReadWriteDirectory(parameters.cookieStorageDirectory, parameters.cookieStorageDirectoryExtensionHandle);
 
     parameters.shouldTrackVisitedLinks = m_historyClient.shouldTrackVisitedLinks();
     parameters.cacheModel = m_cacheModel;
@@ -597,7 +597,7 @@
         SandboxExtension::Handle sampleLogSandboxHandle;        
         double now = WTF::currentTime();
         String sampleLogFilePath = String::format("WebProcess%llupid%d", static_cast<unsigned long long>(now), process->processIdentifier());
-        sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::WriteOnly, sampleLogSandboxHandle);
+        sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::ReadWrite, sampleLogSandboxHandle);
         
         process->send(Messages::WebProcess::StartMemorySampler(sampleLogSandboxHandle, sampleLogFilePath, m_memorySamplerInterval), 0);
     }
@@ -965,7 +965,7 @@
     SandboxExtension::Handle sampleLogSandboxHandle;    
     double now = WTF::currentTime();
     String sampleLogFilePath = String::format("WebProcess%llu", static_cast<unsigned long long>(now));
-    sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::WriteOnly, sampleLogSandboxHandle);
+    sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::ReadWrite, sampleLogSandboxHandle);
     
     sendToAllProcesses(Messages::WebProcess::StartMemorySampler(sampleLogSandboxHandle, sampleLogFilePath, interval));
 }

Modified: trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in (140753 => 140754)


--- trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in	2013-01-25 01:02:47 UTC (rev 140753)
+++ trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in	2013-01-25 01:09:46 UTC (rev 140754)
@@ -76,17 +76,22 @@
 
        (home-subpath "/Library/Dictionaries"))
 
-;; This should be updated when <rdar://problem/9355830> is fixed.
-;; Read-only extensions from UIProcess
-(if (defined? 'extension-class)
-    (allow file-read* (extension "com.apple.app-sandbox.read")))
+;; Sandbox extensions
+(define (apply-read-and-issue-extension op path-filter)
+    (op file-read* path-filter)
+    (op file-issue-extension (require-all (extension-class "com.apple.app-sandbox.read") path-filter)))
+(define (apply-write-and-issue-extension op path-filter)
+    (op file-write* path-filter)
+    (op file-issue-extension (require-all (extension-class "com.apple.app-sandbox.read-write") path-filter)))
+(define (read-only-and-issue-extensions path-filter)
+    (apply-read-and-issue-extension allow path-filter))
+(define (read-write-and-issue-extensions path-filter)
+    (apply-read-and-issue-extension allow path-filter)
+    (apply-write-and-issue-extension allow path-filter))
+(read-only-and-issue-extensions (extension "com.apple.app-sandbox.read"))
+(read-write-and-issue-extensions (extension "com.apple.app-sandbox.read-write"))
+(allow mach-lookup (extension "com.apple.app-sandbox.mach")) ;; FIXME: Should be removed when <rdar://problem/13066206> is fixed.
 
-;; Read-write extensions from UIProcess
-(allow file-read* file-write* (extension))
-
-;; Mach lookup extensions from the UIProcess
-(allow mach-lookup (extension "com.apple.app-sandbox.mach"))
-
 ;; Writable preferences and temporary files
 (allow file*
        (home-regex #"/Library/Preferences/ByHost/com\.apple\.HIToolbox\.")

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to