231079 2021-10-01 07:40:07 -0700 Block access in sandbox to capability which is allowed by default 2021-10-12 02:46:19 -0700 1 1 1 Unclassified WebKit WebKit Misc. WebKit Nightly Build Unspecified Unspecified REOPENED InRadar P2 Normal --- 231567 1 pvollan pvollan bfulgham commit-queue gavin.p mazander webkit-bug-importer oldest_to_newest 1799295 0 pvollan 2021-10-01 07:40:07 -0700 Some capabilities are allowed by default, and needs to be explicitly denied in the sandbox. 1799296 1 pvollan 2021-10-01 07:40:54 -0700 <rdar://66586853> 1799298 2 439859 pvollan 2021-10-01 07:42:52 -0700 Created attachment 439859 Patch 1799337 3 439859 bfulgham 2021-10-01 09:23:18 -0700 Comment on attachment 439859 Patch r=me 1802569 4 pvollan 2021-10-11 03:40:49 -0700 (In reply to Brent Fulgham from comment #3) > Comment on attachment 439859 [details] > Patch > > r=me I have tested this change locally, and it does not appear to introduce a regression related to JIT code generation. Thanks for reviewing! 1802570 5 440772 pvollan 2021-10-11 03:45:54 -0700 Created attachment 440772 Patch 1802576 6 ews-feeder 2021-10-11 04:50:32 -0700 Committed r283890 (242767@main): <https://commits.webkit.org/242767@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 440772. 1803048 7 commit-queue 2021-10-12 02:46:19 -0700 Re-opened since this is blocked by bug 231567 439859 2021-10-01 07:42:52 -0700 2021-10-01 09:23:18 -0700 Patch bug-231079-20211001164248.patch text/plain 1689 pvollan SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyODMzNjYpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE2IEBACisyMDIxLTEwLTAxICBQZXIgQXJuZSAg PHB2b2xsYW5AYXBwbGUuY29tPgorCisgICAgICAgIEJsb2NrIGFjY2VzcyBpbiBzYW5kYm94IHRv IGNhcGFiaWxpdHkgd2hpY2ggaXMgYWxsb3dlZCBieSBkZWZhdWx0CisgICAgICAgIGh0dHBzOi8v YnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMzEwNzkKKyAgICAgICAgPHJkYXI6Ly82 NjU4Njg1Mz4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAg ICBTb21lIGNhcGFiaWxpdGllcyBhcmUgYWxsb3dlZCBieSBkZWZhdWx0LCBhbmQgbmVlZHMgdG8g YmUgZXhwbGljaXRseSBkZW5pZWQgaW4gdGhlIHNhbmRib3guCisKKyAgICAgICAgKiBSZXNvdXJj ZXMvU2FuZGJveFByb2ZpbGVzL2lvcy9jb20uYXBwbGUuV2ViS2l0LldlYkNvbnRlbnQuc2IuaW46 CisgICAgICAgICogV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbjoKKwogMjAy MS0xMC0wMSAgQ2FybG9zIEdhcmNpYSBDYW1wb3MgIDxjZ2FyY2lhQGlnYWxpYS5jb20+CiAKICAg ICAgICAgW0dUS11bYTExeV0gQWRkIGluaXRpYWwgaW1wbGVtZW50YXRpb24gb2YgYWNjZXNzaWJs ZSBpbnRlcmZhY2Ugd2hlbiBidWlsZGluZyB3aXRoIEFUU1BJCkluZGV4OiBTb3VyY2UvV2ViS2l0 L1Jlc291cmNlcy9TYW5kYm94UHJvZmlsZXMvaW9zL2NvbS5hcHBsZS5XZWJLaXQuV2ViQ29udGVu dC5zYi5pbgo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViS2l0L1Jlc291cmNlcy9TYW5kYm94UHJv ZmlsZXMvaW9zL2NvbS5hcHBsZS5XZWJLaXQuV2ViQ29udGVudC5zYi5pbgkocmV2aXNpb24gMjgz MzYwKQorKysgU291cmNlL1dlYktpdC9SZXNvdXJjZXMvU2FuZGJveFByb2ZpbGVzL2lvcy9jb20u YXBwbGUuV2ViS2l0LldlYkNvbnRlbnQuc2IuaW4JKHdvcmtpbmcgY29weSkKQEAgLTE1NjUsMyAr MTU2NSw1IEBACiAod2hlbiAoZGVmaW5lZD8gJ2Rhcndpbi1ub3RpZmljYXRpb24tcG9zdCkKICAg ICAoYWxsb3cgZGFyd2luLW5vdGlmaWNhdGlvbi1wb3N0ICh3aXRoIHRlbGVtZXRyeSkpCiApCisK KyhkZW55IGR5bmFtaWMtY29kZS1nZW5lcmF0aW9uKQpJbmRleDogU291cmNlL1dlYktpdC9XZWJQ cm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNiLmluCj09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9X ZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbgkocmV2aXNpb24gMjgz MzYwKQorKysgU291cmNlL1dlYktpdC9XZWJQcm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNi LmluCSh3b3JraW5nIGNvcHkpCkBAIC0yMzAwLDMgKzIzMDAsNSBAQAogICAgICkKICkKICNlbmRp ZgorCisoZGVueSBkeW5hbWljLWNvZGUtZ2VuZXJhdGlvbikK 440772 2021-10-11 03:45:54 -0700 2021-10-11 04:50:33 -0700 Patch bug-231079-20211011124552.patch text/plain 1659 pvollan SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyODM4ODcpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE2IEBACisyMDIxLTEwLTExICBQZXIgQXJuZSBW b2xsYW4gPHB2b2xsYW5AYXBwbGUuY29tPgorCisgICAgICAgIEJsb2NrIGFjY2VzcyBpbiBzYW5k Ym94IHRvIGNhcGFiaWxpdHkgd2hpY2ggaXMgYWxsb3dlZCBieSBkZWZhdWx0CisgICAgICAgIGh0 dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMzEwNzkKKyAgICAgICAgPHJk YXI6Ly82NjU4Njg1Mz4KKworICAgICAgICBSZXZpZXdlZCBieSBCcmVudCBGdWxnaGFtLgorCisg ICAgICAgIFNvbWUgY2FwYWJpbGl0aWVzIGFyZSBhbGxvd2VkIGJ5IGRlZmF1bHQsIGFuZCBuZWVk cyB0byBiZSBleHBsaWNpdGx5IGRlbmllZCBpbiB0aGUgc2FuZGJveC4KKworICAgICAgICAqIFJl c291cmNlcy9TYW5kYm94UHJvZmlsZXMvaW9zL2NvbS5hcHBsZS5XZWJLaXQuV2ViQ29udGVudC5z Yi5pbjoKKyAgICAgICAgKiBXZWJQcm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNiLmluOgor CiAyMDIxLTEwLTExICBQZXIgQXJuZSBWb2xsYW4gPHB2b2xsYW5AYXBwbGUuY29tPgogCiAgICAg ICAgIFtpT1NdIEFkZCBtZXNzYWdlIGZpbHRlciBpbiB0aGUgV2ViQ29udGVudCBwcm9jZXNzJyBz YW5kYm94CkluZGV4OiBTb3VyY2UvV2ViS2l0L1Jlc291cmNlcy9TYW5kYm94UHJvZmlsZXMvaW9z L2NvbS5hcHBsZS5XZWJLaXQuV2ViQ29udGVudC5zYi5pbgo9PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2Uv V2ViS2l0L1Jlc291cmNlcy9TYW5kYm94UHJvZmlsZXMvaW9zL2NvbS5hcHBsZS5XZWJLaXQuV2Vi Q29udGVudC5zYi5pbgkocmV2aXNpb24gMjgzODg3KQorKysgU291cmNlL1dlYktpdC9SZXNvdXJj ZXMvU2FuZGJveFByb2ZpbGVzL2lvcy9jb20uYXBwbGUuV2ViS2l0LldlYkNvbnRlbnQuc2IuaW4J KHdvcmtpbmcgY29weSkKQEAgLTE1NzQsMyArMTU3NCw1IEBACiAod2hlbiAoZGVmaW5lZD8gJ2Rh cndpbi1ub3RpZmljYXRpb24tcG9zdCkKICAgICAoYWxsb3cgZGFyd2luLW5vdGlmaWNhdGlvbi1w b3N0ICh3aXRoIHRlbGVtZXRyeSkpCiApCisKKyhkZW55IGR5bmFtaWMtY29kZS1nZW5lcmF0aW9u KQpJbmRleDogU291cmNlL1dlYktpdC9XZWJQcm9jZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNi LmluCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2Vi UHJvY2Vzcy5zYi5pbgkocmV2aXNpb24gMjgzODg3KQorKysgU291cmNlL1dlYktpdC9XZWJQcm9j ZXNzL2NvbS5hcHBsZS5XZWJQcm9jZXNzLnNiLmluCSh3b3JraW5nIGNvcHkpCkBAIC0yMjg5LDMg KzIyODksNSBAQAogICAgICkKICkKICNlbmRpZgorCisoZGVueSBkeW5hbWljLWNvZGUtZ2VuZXJh dGlvbikK