181995 2018-01-23 11:03:06 -0800 [macOS] WebProcess needs TCC entitlements for media capture 2018-05-09 14:40:09 -0700 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 bfulgham bfulgham bfulgham eric.carlson mitz webkit-bug-importer oldest_to_newest 1392131 0 bfulgham 2018-01-23 11:03:06 -0800 Now that TCC controls access to camera and microphone on macOS, the web process needs to have the following entitlements for our dynamic sandbox extension to work: com.apple.tcc.delegated-services kTCCServiceCamera kTCCServiceMicrophone 1392133 1 bfulgham 2018-01-23 11:03:35 -0800 <rdar://problem/36674649> 1392134 2 332041 bfulgham 2018-01-23 11:04:32 -0800 Created attachment 332041 Patch 1392214 3 bfulgham 2018-01-23 12:50:52 -0800 Committed r227436: <https://trac.webkit.org/changeset/227436> 1403135 4 332041 mitz 2018-03-01 21:42:37 -0800 Comment on attachment 332041 Patch WebContent-OSX.entitlements is only used when the Web Content services needs the domain extension entitlement, which is only when it is relocatable (such as in Safari Technology Preview). Was this patch intended to grant the service this entitlement also when it’s installed as part of macOS or a Safari update? 1403242 5 bfulgham 2018-03-02 09:03:50 -0800 (In reply to mitz from comment #4) > Comment on attachment 332041 [details] > Patch > > WebContent-OSX.entitlements is only used when the Web Content services needs > the domain extension entitlement, which is only when it is relocatable (such > as in Safari Technology Preview). Was this patch intended to grant the > service this entitlement also when it’s installed as part of macOS or a > Safari update? Yes! Where do those entitlements live? 1422493 6 bfulgham 2018-05-09 14:40:09 -0700 Dan answered this question in comment 5 in bug 184485. 332041 2018-01-23 11:04:32 -0800 2018-01-23 12:16:49 -0800 Patch bug-181995-20180123110431.patch text/plain 1354 bfulgham SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyMjc0MjQpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE0IEBACisyMDE4LTAxLTIzICBCcmVudCBGdWxn aGFtICA8YmZ1bGdoYW1AYXBwbGUuY29tPgorCisgICAgICAgIFttYWNPU10gV2ViUHJvY2VzcyBu ZWVkcyBUQ0MgZW50aXRsZW1lbnRzIGZvciBtZWRpYSBjYXB0dXJlCisgICAgICAgIGh0dHBzOi8v YnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xODE5OTUKKyAgICAgICAgPHJkYXI6Ly9w cm9ibGVtLzM2Njc0NjQ5PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgor CisgICAgICAgICogQ29uZmlndXJhdGlvbnMvV2ViQ29udGVudC1PU1guZW50aXRsZW1lbnRzOiBB ZGQgZGVsZWdhdGVkIHNlcnZpY2VzIG5lZWRlZCB0byBzdXBwb3J0IG1lZGlhCisgICAgICAgIGNh cHR1cmUgZmVhdHVyZXMuCisKIDIwMTgtMDEtMjMgIENvbW1pdCBRdWV1ZSAgPGNvbW1pdC1xdWV1 ZUB3ZWJraXQub3JnPgogCiAgICAgICAgIFVucmV2aWV3ZWQsIHJvbGxpbmcgb3V0IHIyMjcyNzkg YW5kIHIyMjczNzMuCkluZGV4OiBTb3VyY2UvV2ViS2l0L0NvbmZpZ3VyYXRpb25zL1dlYkNvbnRl bnQtT1NYLmVudGl0bGVtZW50cwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViS2l0L0NvbmZpZ3Vy YXRpb25zL1dlYkNvbnRlbnQtT1NYLmVudGl0bGVtZW50cwkocmV2aXNpb24gMjI3NDE0KQorKysg U291cmNlL1dlYktpdC9Db25maWd1cmF0aW9ucy9XZWJDb250ZW50LU9TWC5lbnRpdGxlbWVudHMJ KHdvcmtpbmcgY29weSkKQEAgLTIsNiArMiwxMSBAQAogPCFET0NUWVBFIHBsaXN0IFBVQkxJQyAi LS8vQXBwbGUvL0RURCBQTElTVCAxLjAvL0VOIiAiaHR0cDovL3d3dy5hcHBsZS5jb20vRFREcy9Q cm9wZXJ0eUxpc3QtMS4wLmR0ZCI+CiA8cGxpc3QgdmVyc2lvbj0iMS4wIj4KIDxkaWN0PgorCTxr ZXk+Y29tLmFwcGxlLnRjYy5kZWxlZ2F0ZWQtc2VydmljZXM8L2tleT4KKwk8YXJyYXk+CisJCTxz dHJpbmc+a1RDQ1NlcnZpY2VDYW1lcmE8L3N0cmluZz4KKwkJPHN0cmluZz5rVENDU2VydmljZU1p Y3JvcGhvbmU8L3N0cmluZz4KKwk8L2FycmF5PgogCTxrZXk+Y29tLmFwcGxlLnByaXZhdGUueHBj LmRvbWFpbi1leHRlbnNpb248L2tleT4KIAk8dHJ1ZS8+CiA8L2RpY3Q+Cg==