135908 2014-08-13 15:09:34 -0700 Opening Web Inspector causes a large amount of sandbox violations 2014-08-13 15:31:06 -0700 1 1 1 Unclassified WebKit WebKit2 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 joepeck joepeck ap commit-queue sam timothy oldest_to_newest 1028920 0 joepeck 2014-08-13 15:09:34 -0700 * SUMMARY Opening Web Inspector causes a large amount of "deny file-issue-extension" sandbox violations: > com.apple.WebKit(93849) deny file-issue-extension /System/Library/PrivateFrameworks/WebInspectorUI.framework/Versions/A/Resources/Main.html > com.apple.WebKit(93849) deny file-issue-extension /System/Library/PrivateFrameworks/WebInspectorUI.framework/Versions/A/Resources/CodeMirror.css > com.apple.WebKit(93849) deny file-issue-extension /System/Library/PrivateFrameworks/WebInspectorUI.framework/Versions/A/Resources/Main.css > ... * NOTES This doesn't happen with local builds which does not use /S/L/PF/WebInspectorUI.framework but instead your own built WebInspectorUI.framework. <rdar://problem/17998706> 1028921 1 236555 joepeck 2014-08-13 15:13:05 -0700 Created attachment 236555 [PATCH] Proposed Fix 1028924 2 236555 timothy 2014-08-13 15:17:03 -0700 Comment on attachment 236555 [PATCH] Proposed Fix View in context: https://bugs.webkit.org/attachment.cgi?id=236555&action=review > Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in:97 > +(allow-read-directory-and-issue-read-extensions "/System/Library/PrivateFrameworks/WebInspectorUI.framework") Do we also need to add /System/Library/StagedFrameworks/Safari/WebInspectorUI.framework? 1028925 3 ap 2014-08-13 15:20:41 -0700 r=me as well. We shouldn't need StagedFrameworks, because WebInspectorUI.framework ends up being in the same directory as WebKit.framework, and thus the existing rule does the trick: (allow-read-directory-and-issue-read-extensions (param "WEBKIT2_FRAMEWORK_DIR")) 1028930 4 236555 commit-queue 2014-08-13 15:31:03 -0700 Comment on attachment 236555 [PATCH] Proposed Fix Clearing flags on attachment: 236555 Committed r172539: <http://trac.webkit.org/changeset/172539> 1028932 5 commit-queue 2014-08-13 15:31:06 -0700 All reviewed patches have been landed. Closing bug. 236555 2014-08-13 15:13:05 -0700 2014-08-13 15:31:03 -0700 [PATCH] Proposed Fix sandbox.patch text/plain 1568 joepeck ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQyL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQyL0No YW5nZUxvZwppbmRleCA0MjVhMzdlLi5iYTNmOGE3IDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViS2l0 Mi9DaGFuZ2VMb2cKKysrIGIvU291cmNlL1dlYktpdDIvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTUg QEAKKzIwMTQtMDgtMTMgIEpvc2VwaCBQZWNvcmFybyAgPHBlY29yYXJvQGFwcGxlLmNvbT4KKwor ICAgICAgICBPcGVuaW5nIFdlYiBJbnNwZWN0b3IgY2F1c2VzIGEgbGFyZ2UgYW1vdW50IG9mIHNh bmRib3ggdmlvbGF0aW9ucworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1 Zy5jZ2k/aWQ9MTM1OTA4CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisK KyAgICAgICAgKiBXZWJQcm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNiLmluOgorICAgICAg ICBQZXJtaXQgdGhlIFdlYkNvbnRlbnQgcHJvY2VzcyB0byBjcmVhdGUgZmlsZSByZWFkIGV4dGVu c2lvbnMgZm9yIHRoZQorICAgICAgICBzeXN0ZW0gV2ViSW5zcGVjdG9yVUkuZnJhbWV3b3JrIHdo aWNoIHRoZSBOZXR3b3JrIHByb2Nlc3MgY2FuIGFscmVhZHkKKyAgICAgICAgcmVhZCBhbnl3YXlz LgorCiAyMDE0LTA4LTEyICBUaW0gSG9ydG9uICA8dGltb3RoeV9ob3J0b25AYXBwbGUuY29tPgog CiAgICAgICAgIERvbid0IHNob3cgdGhlIGNvbWJpbmVkIG1lbnUgaWYgdGhlcmUgYXJlIG5vIHNl cnZpY2VzIGF2YWlsYWJsZQpkaWZmIC0tZ2l0IGEvU291cmNlL1dlYktpdDIvV2ViUHJvY2Vzcy9j b20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbiBiL1NvdXJjZS9XZWJLaXQyL1dlYlByb2Nlc3MvY29t LmFwcGxlLldlYlByb2Nlc3Muc2IuaW4KaW5kZXggOGNkODcxYy4uZmJhMWM1MCAxMDA2NDQKLS0t IGEvU291cmNlL1dlYktpdDIvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbgor KysgYi9Tb3VyY2UvV2ViS2l0Mi9XZWJQcm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNiLmlu CkBAIC05Miw2ICs5MiwxMCBAQAogOzsgYW5kIHRvIGFsbG93IGlzc3VpbmcgZXh0ZW5zaW9ucy4K IChhbGxvdy1yZWFkLWRpcmVjdG9yeS1hbmQtaXNzdWUtcmVhZC1leHRlbnNpb25zIChwYXJhbSAi V0VCS0lUMl9GUkFNRVdPUktfRElSIikpCiAKKzs7IEFsbG93IGlzc3VpbmcgZXh0ZW5zaW9ucyB0 byBzeXN0ZW0gbGlicmFyaWVzIHRoYXQgdGhlIE5ldHdvcmsgcHJvY2VzcyBjYW4gYWxyZWFkeSBy ZWFkLgorOzsgVGhpcyBpcyB0byBhdm9pZCB3YXJuaW5ncyBhdHRlbXB0aW5nIHRvIGNyZWF0ZSBl eHRlbnNpb25zIGZvciB0aGVzZSByZXNvdXJjZXMuCisoYWxsb3ctcmVhZC1kaXJlY3RvcnktYW5k LWlzc3VlLXJlYWQtZXh0ZW5zaW9ucyAiL1N5c3RlbS9MaWJyYXJ5L1ByaXZhdGVGcmFtZXdvcmtz L1dlYkluc3BlY3RvclVJLmZyYW1ld29yayIpCisKIDs7IFNhbmRib3ggZXh0ZW5zaW9ucwogKGRl ZmluZSAoYXBwbHktcmVhZC1hbmQtaXNzdWUtZXh0ZW5zaW9uIG9wIHBhdGgtZmlsdGVyKQogICAg IChvcCBmaWxlLXJlYWQqIHBhdGgtZmlsdGVyKQo=