226051 2021-05-20 16:28:28 -0700 [iOS] Remove com.apple.QuartzCore.secure-mode entitlement from WebContent and GPUProcess 2021-05-20 16:46:10 -0700 1 1 1 Unclassified WebKit WebKit Misc. WebKit Nightly Build Unspecified Unspecified RESOLVED INVALID InRadar P2 Normal --- 1 bfulgham bfulgham oldest_to_newest 1762201 0 bfulgham 2021-05-20 16:28:28 -0700 We currently entitle the WebContent and GPUProcess with 'com.apple.QuartzCore.secure-mode'. We sandbox away the various features that should be possible with this entitlement, and clearly do not need it. We should also remove the entitlement. 1762202 1 bfulgham 2021-05-20 16:28:47 -0700 <rdar://problem/77179328> 1762204 2 429239 bfulgham 2021-05-20 16:34:25 -0700 Created attachment 429239 Patch 1762209 3 bfulgham 2021-05-20 16:45:55 -0700 Oops! This entitlement actually is still needed to draw while a phone screen is locked, so we need to keep it. 429239 2021-05-20 16:34:25 -0700 2021-05-20 16:46:10 -0700 Patch bug-226051-20210520163424.patch text/plain 2207 bfulgham U3VidmVyc2lvbiBSZXZpc2lvbjogMjc3ODM1CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IDI3Nzk5OTExMmM3NWQyNTQ5 YjZjYTM1YTU4YzA1ODUyZDFkNTY1Y2IuLjUzNjEwYjU3NTMxN2Y2OTMwZWNmZDU4NmZjOWQzZDA2 NWI4M2VkNGYgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTcgQEAKKzIwMjEtMDUtMjAgIEJyZW50IEZ1 bGdoYW0gIDxiZnVsZ2hhbUBhcHBsZS5jb20+CisKKyAgICAgICAgW2lPU10gUmVtb3ZlIGNvbS5h cHBsZS5RdWFydHpDb3JlLnNlY3VyZS1tb2RlIGVudGl0bGVtZW50IGZyb20gV2ViQ29udGVudCBh bmQgR1BVUHJvY2VzcworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5j Z2k/aWQ9MjI2MDUxCisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS83NzE3OTMyOD4KKworICAgICAg ICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBXZSBjdXJyZW50bHkgZW50 aXRsZSB0aGUgV2ViQ29udGVudCBhbmQgR1BVUHJvY2VzcyB3aXRoICdjb20uYXBwbGUuUXVhcnR6 Q29yZS5zZWN1cmUtbW9kZScuIFdlIHNhbmRib3ggYXdheSB0aGUgdmFyaW91cyBmZWF0dXJlcwor ICAgICAgICB0aGF0IHRoaXMgZW50aXRsZW1lbnQgYWxsb3dzLCBhbmQgZG8gbm90IG5lZWQgKG9y IHdhbnQpIGl0LiBXZSBzaG91bGQgcmVtb3ZlIHRoZSBlbnRpdGxlbWVudCBzbyB0aGF0IHdlIGRv IG5vdCBmb3JnZXQgdG8gc2FuZGJveAorICAgICAgICBmdXR1cmUgZmVhdHVyZXMgZW5hYmxlZCBi eSB0aGlzIGVudGl0bGVtZW50LgorCisgICAgICAgICogU2NyaXB0cy9wcm9jZXNzLWVudGl0bGVt ZW50cy5zaDoKKwogMjAyMS0wNS0yMCAgRXJpYyBDYXJsc29uICA8ZXJpYy5jYXJsc29uQGFwcGxl LmNvbT4KIAogICAgICAgICBBbGxvdyBHUFUgcHJvY2VzcyBsb2cgY2hhbm5lbHMgdG8gYmUgY29u ZmlndXJlZApkaWZmIC0tZ2l0IGEvU291cmNlL1dlYktpdC9TY3JpcHRzL3Byb2Nlc3MtZW50aXRs ZW1lbnRzLnNoIGIvU291cmNlL1dlYktpdC9TY3JpcHRzL3Byb2Nlc3MtZW50aXRsZW1lbnRzLnNo CmluZGV4IGY0MzYzOWUwZjY4NGMyNzZkNmZkYzYyNmM5Y2VlZDgzNjczZmZmY2UuLmM0ZmFmMWQ3 YWU4YmI4OGUxNzJjYTEwOWZiMmJiYjMzYmNiMWIxNzMgMTAwNzU1Ci0tLSBhL1NvdXJjZS9XZWJL aXQvU2NyaXB0cy9wcm9jZXNzLWVudGl0bGVtZW50cy5zaAorKysgYi9Tb3VyY2UvV2ViS2l0L1Nj cmlwdHMvcHJvY2Vzcy1lbnRpdGxlbWVudHMuc2gKQEAgLTIxMCw3ICsyMTAsNiBAQCBmdW5jdGlv biBtYWNjYXRhbHlzdF9wcm9jZXNzX3BsdWdpbl9lbnRpdGxlbWVudHMoKQogCiBmdW5jdGlvbiBp b3NfZmFtaWx5X3Byb2Nlc3Nfd2ViY29udGVudF9lbnRpdGxlbWVudHMoKQogewotICAgIHBsaXN0 YnVkZHkgQWRkIDpjb20uYXBwbGUuUXVhcnR6Q29yZS5zZWN1cmUtbW9kZSBib29sIFlFUwogICAg IHBsaXN0YnVkZHkgQWRkIDpjb20uYXBwbGUuUXVhcnR6Q29yZS53ZWJraXQtZW5kLXBvaW50cyBi b29sIFlFUwogICAgIHBsaXN0YnVkZHkgYWRkIDpjb20uYXBwbGUuUXVhcnR6Q29yZS53ZWJraXQt bGltaXRlZC10eXBlcyBib29sIFlFUwogICAgIHBsaXN0YnVkZHkgQWRkIDpjb20uYXBwbGUuZGV2 ZWxvcGVyLmNvcmVtZWRpYS5hbGxvdy1hbHRlcm5hdGUtdmlkZW8tZGVjb2Rlci1zZWxlY3Rpb24g Ym9vbCBZRVMKQEAgLTI0MCw3ICsyMzksNiBAQCBmdW5jdGlvbiBpb3NfZmFtaWx5X3Byb2Nlc3Nf d2ViY29udGVudF9lbnRpdGxlbWVudHMoKQogCiBmdW5jdGlvbiBpb3NfZmFtaWx5X3Byb2Nlc3Nf Z3B1X2VudGl0bGVtZW50cygpCiB7Ci0gICAgcGxpc3RidWRkeSBBZGQgOmNvbS5hcHBsZS5RdWFy dHpDb3JlLnNlY3VyZS1tb2RlIGJvb2wgWUVTCiAgICAgcGxpc3RidWRkeSBBZGQgOmNvbS5hcHBs ZS5RdWFydHpDb3JlLndlYmtpdC1lbmQtcG9pbnRzIGJvb2wgWUVTCiAgICAgcGxpc3RidWRkeSBh ZGQgOmNvbS5hcHBsZS5RdWFydHpDb3JlLndlYmtpdC1saW1pdGVkLXR5cGVzIGJvb2wgWUVTCiAg ICAgcGxpc3RidWRkeSBBZGQgOmNvbS5hcHBsZS5kZXZlbG9wZXIuY29yZW1lZGlhLmFsbG93LWFs dGVybmF0ZS12aWRlby1kZWNvZGVyLXNlbGVjdGlvbiBib29sIFlFUwo=