209938 2020-04-02 16:28:13 -0700 Remove unneeded sandbox access to some file paths 2021-02-15 19:23:10 -0800 1 1 1 Unclassified WebKit WebKit Misc. WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=221946 InRadar P2 Normal --- 211408 1 bfulgham bfulgham bfulgham pvollan webkit-bug-importer oldest_to_newest 1637137 0 bfulgham 2020-04-02 16:28:13 -0700 The WebContent process sandbox has historically had access to variations of the /etc/passwd file. This access is not needed in the WebContent process, so we should remove it. 1637139 1 bfulgham 2020-04-02 16:28:36 -0700 <rdar://problem/59529620> 1637140 2 395320 bfulgham 2020-04-02 16:30:40 -0700 Created attachment 395320 Patch 1637332 3 395320 pvollan 2020-04-03 06:47:58 -0700 Comment on attachment 395320 Patch R=me. 1637439 4 ews-feeder 2020-04-03 10:43:26 -0700 Committed r259470: <https://trac.webkit.org/changeset/259470> All reviewed patches have been landed. Closing bug and clearing flags on attachment 395320. 1637543 5 bfulgham 2020-04-03 15:17:19 -0700 Follow-up build fix: Committed r259506: <https://trac.webkit.org/changeset/259506> 1640735 6 bfulgham 2020-04-12 13:24:28 -0700 Per Arne fixed iOS here: Committed r259590: <https://trac.webkit.org/changeset/259590> 395320 2020-04-02 16:30:40 -0700 2020-04-03 10:43:27 -0700 Patch bug-209938-20200402163039.patch text/plain 2574 bfulgham U3VidmVyc2lvbiBSZXZpc2lvbjogMjU5NDIxCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IGFhZTY3ZTI5YWIwNWZkNmE4 M2IyMGIyMjRkZDBlYTQ3MTg1YWMyYWYuLjNhNDJmMjFjYWM0ZTYzYWI2OTg0N2EyMWQ1MmViY2Nh YzlmNzMwODIgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTggQEAKKzIwMjAtMDQtMDIgIEJyZW50IEZ1 bGdoYW0gIDxiZnVsZ2hhbUBhcHBsZS5jb20+CisKKyAgICAgICAgUmVtb3ZlIHVubmVlZGVkIHNh bmRib3ggYWNjZXNzIHRvIHNvbWUgZmlsZSBwYXRocworICAgICAgICBodHRwczovL2J1Z3Mud2Vi a2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjA5OTM4CisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS81 OTUyOTYyMD4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAg ICBSZW1vdmUgdW5uZWNlc3NhcnkgYWNjZXNzIHRvIHNvbWUgbG9jYXRpb25zIGluIC9ldGMuIFRo ZXNlIG1heSBoYXZlIGJlZW4gbmVlZGVkIGluCisgICAgICAgIHRoZSBwYXN0LCBidXQgdGhlIFdl YkNvbnRlbnQgcHJvY2VzcyBubyBsb25nZXIgcmVxdWlyZXMgdGhpcyBhY2Nlc3MuIFdlIHNob3Vs ZAorICAgICAgICByZW1vdmUgaXQuCisKKyAgICAgICAgKiBSZXNvdXJjZXMvU2FuZGJveFByb2Zp bGVzL2lvcy9jb20uYXBwbGUuV2ViS2l0LldlYkNvbnRlbnQuc2I6CisgICAgICAgICogV2ViUHJv Y2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbjoKKwogMjAyMC0wNC0wMiAgRGF2aWQgS2ls emVyICA8ZGRraWx6ZXJAYXBwbGUuY29tPgogCiAgICAgICAgIFdlYlBhZ2VQcm94eSBhdHRhY2ht ZW50IG1ldGhvZHMgc2hvdWxkIHJldHVybiBlYXJseSBpZiBhdHRhY2htZW50IGVsZW1lbnQgaXMg bm90IGVuYWJsZWQKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJLaXQvUmVzb3VyY2VzL1NhbmRib3hQ cm9maWxlcy9pb3MvY29tLmFwcGxlLldlYktpdC5XZWJDb250ZW50LnNiIGIvU291cmNlL1dlYktp dC9SZXNvdXJjZXMvU2FuZGJveFByb2ZpbGVzL2lvcy9jb20uYXBwbGUuV2ViS2l0LldlYkNvbnRl bnQuc2IKaW5kZXggZDc0ZTc3YTRiZDJhNmMyOTEzZjE3YzZlZTc2N2RmYzIzYzNhMTMyOC4uNDE3 ZDdlMjQ5ZmY3MTFhYmRiYWZjNTAwOGI5N2Q0ZWMwN2FjZDA5YSAxMDA2NDQKLS0tIGEvU291cmNl L1dlYktpdC9SZXNvdXJjZXMvU2FuZGJveFByb2ZpbGVzL2lvcy9jb20uYXBwbGUuV2ViS2l0Lldl YkNvbnRlbnQuc2IKKysrIGIvU291cmNlL1dlYktpdC9SZXNvdXJjZXMvU2FuZGJveFByb2ZpbGVz L2lvcy9jb20uYXBwbGUuV2ViS2l0LldlYkNvbnRlbnQuc2IKQEAgLTMyMCw3ICszMjAsNiBAQAog ICAobGl0ZXJhbCAiL3ByaXZhdGUvZXRjL2ZzdGFiIgogICAgICAgICAgICAiL3ByaXZhdGUvZXRj L2hvc3RzIgogICAgICAgICAgICAiL3ByaXZhdGUvZXRjL2dyb3VwIgotICAgICAgICAgICAiL3By aXZhdGUvZXRjL3Bhc3N3ZCIKICAgICAgICAgICAgIi9wcml2YXRlL2V0Yy9wcm90b2NvbHMiCiAg ICAgICAgICAgICIvcHJpdmF0ZS9ldGMvc2VydmljZXMiKSkKIApAQCAtNTE1LDYgKzUxNCw5IEBA CiAgICAgcmVxdWlyZWQtZXRjLWZpbGVzCiAgICAgKGxpdGVyYWwgIi8iKSkKIAorKGRlbnkgZmls ZSogKHdpdGggcmVwb3J0KQorICAgIChsaXRlcmFsICIvcHJpdmF0ZS9ldGMvcGFzc3dkIikpCisK IChhbGxvdyBmaWxlLXJlYWQqCiAgICAgICAgKHN1YnBhdGggIi9wcml2YXRlL3Zhci9Nb2JpbGVB c3NldC9QcmVpbnN0YWxsZWRBc3NldHNWMi9JbnN0YWxsV2l0aE9zIikpCiAKZGlmZiAtLWdpdCBh L1NvdXJjZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbiBiL1Nv dXJjZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbgppbmRleCBj ZDc1YzVmMGU1MDliNjJhMDUyODYzMTllMzJmMWM0NmE3NjNhYjg1Li5iZjg2ZDUzZjViZWZmZTRm NDA4NDM5NTI5MWQ5MGE5ZDk0MDkwM2JjIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViS2l0L1dlYlBy b2Nlc3MvY29tLmFwcGxlLldlYlByb2Nlc3Muc2IuaW4KKysrIGIvU291cmNlL1dlYktpdC9XZWJQ cm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNiLmluCkBAIC03Miw3ICs3MiwxMyBAQAogKGFs bG93IGZpbGUtcmVhZCoKICAgICAobGl0ZXJhbCAiL2Rldi9hdXRvZnNfbm93YWl0IikKICAgICAo bGl0ZXJhbCAiL2Rldi9yYW5kb20iKQotICAgIChsaXRlcmFsICIvZGV2L3VyYW5kb20iKQorICAg IChsaXRlcmFsICIvZGV2L3VyYW5kb20iKSkKKworKGRlbnkgZmlsZS1yZWFkKgorI2lmIF9fTUFD X09TX1hfVkVSU0lPTl9NSU5fUkVRVUlSRUQgPj0gMTAxNTAwCisgICAgKHdpdGggdGVsZW1ldHJ5 LWJhY2t0cmFjZSkKKyAgICAod2l0aCByZXBvcnQpCisjZW5kaWYKICAgICAobGl0ZXJhbCAiL3By aXZhdGUvZXRjL21hc3Rlci5wYXNzd2QiKQogICAgIChsaXRlcmFsICIvcHJpdmF0ZS9ldGMvcGFz c3dkIikpCiAK