237580 2022-03-07 21:06:32 -0800 Expand adattributiond sandbox to prevent sandbox exceptions during main functionality 2022-03-08 09:16:45 -0800 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 achristensen achristensen pvollan webkit-bug-importer oldest_to_newest 1849097 0 achristensen 2022-03-07 21:06:32 -0800 Expand adattributiond sandbox to prevent sandbox exceptions during main functionality 1849098 1 454070 achristensen 2022-03-07 21:07:20 -0800 Created attachment 454070 Patch 1849099 2 achristensen 2022-03-07 21:07:24 -0800 <rdar://problem/89855243> 1849259 3 454070 pvollan 2022-03-08 07:31:31 -0800 Comment on attachment 454070 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=454070&action=review R=me. > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb:125 > + "com.apple.containermanagerd" I don't think this is strictly needed. Can you do without it? 1849293 4 454070 achristensen 2022-03-08 09:00:18 -0800 Comment on attachment 454070 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=454070&action=review >> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb:125 >> + "com.apple.containermanagerd" > > I don't think this is strictly needed. Can you do without it? Maybe, but there were sandbox violations without it and all our other processes have it. I'm going to add it for now and we can consider removing it in the future with the others. 1849308 5 ews-feeder 2022-03-08 09:16:42 -0800 Committed r290996 (248174@main): <https://commits.webkit.org/248174@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 454070. 454070 2022-03-07 21:07:20 -0800 2022-03-08 09:16:44 -0800 Patch bug-237580-20220307210719.patch text/plain 5591 achristensen U3VidmVyc2lvbiBSZXZpc2lvbjogMjkwOTcyCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IDE2NjZlMDExOTdhYWY2YzZm MjRhMGFkYzQ3ODg1MWE0NTU2NTQyMGIuLjRlNjM5YzZkOGYyY2EwNTBhN2ZmM2RhOGY0OTY1ZTc1 NDk5OTljM2IgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTMgQEAKKzIwMjItMDMtMDcgIEFsZXggQ2hy aXN0ZW5zZW4gIDxhY2hyaXN0ZW5zZW5Ad2Via2l0Lm9yZz4KKworICAgICAgICBFeHBhbmQgYWRh dHRyaWJ1dGlvbmQgc2FuZGJveCB0byBwcmV2ZW50IHNhbmRib3ggZXhjZXB0aW9ucyBkdXJpbmcg bWFpbiBmdW5jdGlvbmFsaXR5CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3df YnVnLmNnaT9pZD0yMzc1ODAKKyAgICAgICAgPHJkYXI6Ly84OTg1NTI0Mz4KKworICAgICAgICBS ZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICAqIFJlc291cmNlcy9TYW5kYm94 UHJvZmlsZXMvaW9zL2NvbS5hcHBsZS5XZWJLaXQuYWRhdHRyaWJ1dGlvbmQuc2I6CisKIDIwMjIt MDMtMDcgIEJyZW50IEZ1bGdoYW0gIDxiZnVsZ2hhbUBhcHBsZS5jb20+CiAKICAgICAgICAgUmVt b3ZlIHJlbW5hbnRzIG9mIFdlYktpdC5QbHVnaW4uNjQueHBjIHNlcnZpY2UKZGlmZiAtLWdpdCBh L1NvdXJjZS9XZWJLaXQvUmVzb3VyY2VzL1NhbmRib3hQcm9maWxlcy9pb3MvY29tLmFwcGxlLldl YktpdC5hZGF0dHJpYnV0aW9uZC5zYiBiL1NvdXJjZS9XZWJLaXQvUmVzb3VyY2VzL1NhbmRib3hQ cm9maWxlcy9pb3MvY29tLmFwcGxlLldlYktpdC5hZGF0dHJpYnV0aW9uZC5zYgppbmRleCBlY2Nh MDA5MTlhZGI4ZDhhNDczZTQ5YWZiZjJjZDI0YWY5MTlhZjQ3Li5mZjNhZTFhOGE0Y2IyMjVmYTVj OTk2NzRkNjI0YTA4Y2E1ZTMyZWVhIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViS2l0L1Jlc291cmNl cy9TYW5kYm94UHJvZmlsZXMvaW9zL2NvbS5hcHBsZS5XZWJLaXQuYWRhdHRyaWJ1dGlvbmQuc2IK KysrIGIvU291cmNlL1dlYktpdC9SZXNvdXJjZXMvU2FuZGJveFByb2ZpbGVzL2lvcy9jb20uYXBw bGUuV2ViS2l0LmFkYXR0cmlidXRpb25kLnNiCkBAIC00NSwzMyArNDUsMzcgQEAKIAogKGRlZmlu ZSAoc3lzdGVtLW5ldHdvcmspCiAgICAgKGFsbG93IGZpbGUtcmVhZCoKLSAgICAgICAgIChsaXRl cmFsICIvTGlicmFyeS9QcmVmZXJlbmNlcy9jb20uYXBwbGUubmV0d29ya2QucGxpc3QiKQotICAg ICAgICAgKGxpdGVyYWwgIi9wcml2YXRlL3Zhci9kYi9uc3VybHN0b3JhZ2VkL2RhZnNhRGF0YS5i aW4iKSkKKyAgICAgICAgKGxpdGVyYWwgIi9MaWJyYXJ5L1ByZWZlcmVuY2VzL2NvbS5hcHBsZS5u ZXR3b3JrZC5wbGlzdCIpCisgICAgICAgIChsaXRlcmFsICIvcHJpdmF0ZS92YXIvZGIvbnN1cmxz dG9yYWdlZC9kYWZzYURhdGEuYmluIikpCiAgICAgKGRlbnkgbWFjaC1sb29rdXAgKHdpdGggdGVs ZW1ldHJ5KQotICAgICAgICAgKGdsb2JhbC1uYW1lICJjb20uYXBwbGUuU3lzdGVtQ29uZmlndXJh dGlvbi5QUFBDb250cm9sbGVyIikKLSAgICAgICAgIChnbG9iYWwtbmFtZSAiY29tLmFwcGxlLlN5 c3RlbUNvbmZpZ3VyYXRpb24uU0NOZXR3b3JrUmVhY2hhYmlsaXR5IikKLSAgICAgICAgIChnbG9i YWwtbmFtZSAiY29tLmFwcGxlLm5ldHdvcmtkIikKLSAgICAgICAgIChnbG9iYWwtbmFtZSAiY29t LmFwcGxlLm5zdXJsc3RvcmFnZS1jYWNoZSIpCi0gICAgICAgICAoZ2xvYmFsLW5hbWUgImNvbS5h cHBsZS5zeW1wdG9tc2QiKSkKKyAgICAgICAgKGdsb2JhbC1uYW1lICJjb20uYXBwbGUuU3lzdGVt Q29uZmlndXJhdGlvbi5QUFBDb250cm9sbGVyIikKKyAgICAgICAgKGdsb2JhbC1uYW1lICJjb20u YXBwbGUuU3lzdGVtQ29uZmlndXJhdGlvbi5TQ05ldHdvcmtSZWFjaGFiaWxpdHkiKQorICAgICAg ICAoZ2xvYmFsLW5hbWUgImNvbS5hcHBsZS5uZXR3b3JrZCIpCisgICAgICAgIChnbG9iYWwtbmFt ZSAiY29tLmFwcGxlLm5zdXJsc3RvcmFnZS1jYWNoZSIpCisgICAgICAgIChnbG9iYWwtbmFtZSAi Y29tLmFwcGxlLnN5bXB0b21zZCIpKQogICAgIChhbGxvdyBtYWNoLWxvb2t1cAotICAgICAgICAg KGdsb2JhbC1uYW1lICJjb20uYXBwbGUuZG5zc2Quc2VydmljZSIpCi0gICAgICAgICAoZ2xvYmFs LW5hbWUgImNvbS5hcHBsZS5uZWhlbHBlciIpCi0gICAgICAgICAoZ2xvYmFsLW5hbWUgImNvbS5h cHBsZS5uZXNlc3Npb25tYW5hZ2VyIikKLSAgICAgICAgIChnbG9iYWwtbmFtZSAiY29tLmFwcGxl LnVzeW1wdG9tc2QiKSkKKyAgICAgICAgKGdsb2JhbC1uYW1lICJjb20uYXBwbGUudHJ1c3RkIikK KyAgICAgICAgKGdsb2JhbC1uYW1lICJjb20uYXBwbGUudHJ1c3RkLmFnZW50IikKKyAgICAgICAg KGdsb2JhbC1uYW1lICJjb20uYXBwbGUuc3lzdGVtLm5vdGlmaWNhdGlvbl9jZW50ZXIiKQorICAg ICAgICAoZ2xvYmFsLW5hbWUgImNvbS5hcHBsZS5sb2dkIikKKyAgICAgICAgKGdsb2JhbC1uYW1l ICJjb20uYXBwbGUuZG5zc2Quc2VydmljZSIpCisgICAgICAgIChnbG9iYWwtbmFtZSAiY29tLmFw cGxlLm5laGVscGVyIikKKyAgICAgICAgKGdsb2JhbC1uYW1lICJjb20uYXBwbGUubmVzZXNzaW9u bWFuYWdlciIpCisgICAgICAgIChnbG9iYWwtbmFtZSAiY29tLmFwcGxlLnVzeW1wdG9tc2QiKSkK ICAgICAoYWxsb3cgbmV0d29yay1vdXRib3VuZAotICAgICAgICAgKGNvbnRyb2wtbmFtZSAiY29t LmFwcGxlLm5ldHNyYyIpKQorICAgICAgICAoY29udHJvbC1uYW1lICJjb20uYXBwbGUubmV0c3Jj IikpCiAgICAgKGRlbnkgc3lzdGVtLXNvY2tldCAod2l0aCB0ZWxlbWV0cnkpCi0gICAgICAgICAg KHNvY2tldC1kb21haW4gQUZfUk9VVEUpKQorICAgICAgICAoc29ja2V0LWRvbWFpbiBBRl9ST1VU RSkpCiAgICAgKGFsbG93IHN5c3RlbS1zb2NrZXQKLSAgICAgICAgIChyZXF1aXJlLWFsbCAoc29j a2V0LWRvbWFpbiBBRl9TWVNURU0pCisgICAgICAgIChyZXF1aXJlLWFsbCAoc29ja2V0LWRvbWFp biBBRl9TWVNURU0pCiAgICAgICAgICAgICAgICAgICAgICAgKHNvY2tldC1wcm90b2NvbCAyKSkp IDsgU1lTUFJPVE9fQ09OVFJPTAogICAgIChhbGxvdyBtYWNoLWxvb2t1cAotICAgICAgICAgKGds b2JhbC1uYW1lICJjb20uYXBwbGUuQXBwU1NPLnNlcnZpY2UteHBjIikpCisgICAgICAgIChnbG9i YWwtbmFtZSAiY29tLmFwcGxlLkFwcFNTTy5zZXJ2aWNlLXhwYyIpKQogICAgIChkZW55IGlwYy1w b3NpeC1zaG0tcmVhZC1kYXRhICh3aXRoIHRlbGVtZXRyeSkKICAgICAgICAgIChpcGMtcG9zaXgt bmFtZSAiL2NvbS5hcHBsZS5BcHBTU08udmVyc2lvbiIpKSkKIAogKGFsbG93IGZpbGUtcmVhZCog ZmlsZS13cml0ZSoKLSAgICAoc3VicGF0aCAiL3Zhci9tb2JpbGUvTGlicmFyeS9jb20uYXBwbGUu d2Via2l0LmFkYXR0cmlidXRpb25kIikpCisgICAgKHN1YnBhdGggIi9wcml2YXRlL3Zhci9tb2Jp bGUvTGlicmFyeS9jb20uYXBwbGUud2Via2l0LmFkYXR0cmlidXRpb25kIikpCiAKIChhbGxvdyBm aWxlLXJlYWQqIGZpbGUtbWFwLWV4ZWN1dGFibGUKICAgICAoc3VicGF0aCAiL1N5c3RlbS9MaWJy YXJ5L0ZyYW1ld29ya3MiKQpAQCAtMTE4LDYgKzEyMiw3IEBACiA7OyBWYXJpb3VzIHNlcnZpY2Vz IHJlcXVpcmVkIGJ5IENGTmV0d29yayBhbmQgb3RoZXIgZnJhbWV3b3JrcwogKGFsbG93IG1hY2gt bG9va3VwCiAgICAgKGdsb2JhbC1uYW1lCisgICAgICAgICJjb20uYXBwbGUuY29udGFpbmVybWFu YWdlcmQiCiAgICAgICAgICJjb20uYXBwbGUudXN5bXB0b21zZCIKICAgICAgICAgImNvbS5hcHBs ZS5jb29raWVkIgogICAgICAgICAiY29tLmFwcGxlLmRpc3RyaWJ1dGVkX25vdGlmaWNhdGlvbnNA VXYzIgpAQCAtMTI1LDE2ICsxMzAsMzUgQEAKICAgICAgICAgImNvbS5hcHBsZS5sc2QubWFwZGIi CiAgICAgICAgICJjb20uYXBwbGUubHNkLm1vZGlmeWRiIikpCiAKKzs7IDxyZGFyOi8vcHJvYmxl bS8xMDY0Mjg4MT4KKyhhbGxvdyBmaWxlLXJlYWQqCisgICAgICAgKGxpdGVyYWwgIi9wcml2YXRl L3Zhci9wcmVmZXJlbmNlcy9jb20uYXBwbGUubmV0d29ya2QucGxpc3QiKSkKKworKGFsbG93IGZp bGUtcmVhZC1kYXRhCisgICAgKGxpdGVyYWwgIi9TeXN0ZW0vTGlicmFyeS9Db3JlU2VydmljZXMv U3lzdGVtVmVyc2lvbi5wbGlzdCIpCisgICAgKGxpdGVyYWwgIi91c3IvbGliL2xvZyIpCisgICAg KGxpdGVyYWwgIi91c3IvbG9jYWwvbGliL2xvZyIpKSA7IDxyZGFyOi8vcHJvYmxlbS8zNjYyOTQ5 NT4KKwogOzsgU2VjdXJpdHkgZnJhbWV3b3JrCiAoYWxsb3cgbWFjaC1sb29rdXAgKGdsb2JhbC1u YW1lICJjb20uYXBwbGUuU2VjdXJpdHlTZXJ2ZXIiKQotKGdsb2JhbC1uYW1lICJjb20uYXBwbGUu b2NzcGQiKSkKKyAgICAoZ2xvYmFsLW5hbWUgImNvbS5hcHBsZS5vY3NwZCIpKQogKGFsbG93IGZp bGUtcmVhZCoKKyAgICAobGl0ZXJhbCAiL2Rldi91cmFuZG9tIikKKyAgICAobGl0ZXJhbCAiL3By aXZhdGUvZXRjL21hc3Rlci5wYXNzd2QiKQorICAgIChzdWJwYXRoICIvcHJpdmF0ZS92YXIvcHJl ZmVyZW5jZXMvTG9nZ2luZyIpCiAgICAgKHN1YnBhdGggIi9MaWJyYXJ5L0tleWNoYWlucyIpCiAg ICAgKHN1YnBhdGggIi9wcml2YXRlL3Zhci9kYi9tZHMiKQogICAgIChsaXRlcmFsICIvTGlicmFy eS9QcmVmZXJlbmNlcy9jb20uYXBwbGUuc2VjdXJpdHkucGxpc3QiKQogICAgIChob21lLWxpdGVy YWwgIi9MaWJyYXJ5L1ByZWZlcmVuY2VzL2NvbS5hcHBsZS5zZWN1cml0eS5wbGlzdCIpKQogCi0o YWxsb3cgZmlsZS1yZWFkKiAoc3VicGF0aCAiL3Vzci9zaGFyZS96b25laW5mbyIpKQorOzs7IEFs bG93IHJlYWRpbmcgaW50ZXJuYWwgcHJvZmlsZXMgb24gZGV2ZWxvcG1lbnQgYnVpbGRzCisoYWxs b3cgZmlsZS1yZWFkKgorICAgIChyZXF1aXJlLWFsbCAoZmlsZS1tb2RlICNvMDAwNCkKKyAgICAo c3VicGF0aCAiL0FwcGxlSW50ZXJuYWwvTGlicmFyeS9QcmVmZXJlbmNlcy9Mb2dnaW5nIikKKyAg ICAoc3lzdGVtLWF0dHJpYnV0ZSBhcHBsZS1pbnRlcm5hbCkpKQorCisKKyhhbGxvdyBmaWxlLXJl YWQqIChzdWJwYXRoICIvdXNyL3NoYXJlIikpCiAKIChhbGxvdyBmaWxlLXJlYWQqIChsaXRlcmFs ICIvTGlicmFyeS9BcHBsaWNhdGlvbiBTdXBwb3J0L0NyYXNoUmVwb3J0ZXIvU3VibWl0RGlhZ0lu Zm8uZG9tYWlucyIpKQogCkBAIC0xNDIsNiArMTY2LDggQEAKICAgICAoaXBjLXBvc2l4LW5hbWUg ImNvbS5hcHBsZS5BcHBsZURhdGFiYXNlQ2hhbmdlZCIpKQogKGFsbG93IGlwYy1wb3NpeC1zaG0t d3JpdGUtZGF0YQogICAgIChpcGMtcG9zaXgtbmFtZSAiY29tLmFwcGxlLkFwcGxlRGF0YWJhc2VD aGFuZ2VkIikpCisoYWxsb3cgaXBjLXBvc2l4LXNobS1yZWFkKgorICAgIChpcGMtcG9zaXgtbmFt ZSAiYXBwbGUuc2htLm5vdGlmaWNhdGlvbl9jZW50ZXIiKSkgOzsgTmVlZGVkIGJ5IG9zX2xvZ19j cmVhdGUKIAogOzsgUmVhZC1vbmx5IHByZWZlcmVuY2VzIGFuZCBkYXRhCiAoYWxsb3cgZmlsZS1y ZWFkKgo=