Summary: | Need to disable FakeSYSVSHM when sandboxing is not enabled | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Simon Cooper <scooper> | ||||||||
Component: | WebKit2 | Assignee: | Simon Cooper <scooper> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Critical | CC: | ap, buildbot, commit-queue, rniwa, scooper | ||||||||
Priority: | P1 | Keywords: | InRadar | ||||||||
Version: | 528+ (Nightly build) | ||||||||||
Hardware: | Mac | ||||||||||
OS: | Unspecified | ||||||||||
Attachments: |
|
Description
Simon Cooper
2013-08-22 17:07:17 PDT
Created attachment 209408 [details]
Patch
To test this, a) Visit Youtube.com (make sure you are not in the HTML5 beta, so that you get flash) b) use activity monitor to verify the flash player is sandboxed c) use "sudo ipcs" to see if there are any shared memory segments registered (there should not be any -- specific none with the key "0x53414e44") d) Go to Safari -> Preferences -> Security -> Manage Webite Settings. Allow the Flash Player to "Run in Unsafe Mode" for Youtube.com. e) Refresh the page f) use activity monitor to see that there is now a flash player that is unsandboxed (note, you may also see a sandboxed player if you did not stop / start Safari) g) use "sudo ipcs" to see that there is now a shared memory segment registered using the key "0x53414e44". Comment on attachment 209408 [details] Patch Attachment 209408 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.appspot.com/results/1523745 Comment on attachment 209408 [details] Patch Attachment 209408 [details] did not pass mac-ews (mac): Output: http://webkit-queues.appspot.com/results/1526472 Created attachment 209413 [details]
Patch
Because this uses header information not available on the open source builders I’ve had to guard and include the specific pieces that are necessary. The updated patch will work on both internal and external builders (and create the same result). Comment on attachment 209413 [details] Patch Attachment 209413 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.appspot.com/results/1546130 Comment on attachment 209413 [details] Patch Attachment 209413 [details] did not pass mac-ews (mac): Output: http://webkit-queues.appspot.com/results/1555092 Created attachment 209426 [details]
Patch
The file is Objective-C++ but sandbox_check() is a C function, so need to declare it correctly for the open source webkit builders. Comment on attachment 209426 [details] Patch Clearing flags on attachment: 209426 Committed r154473: <http://trac.webkit.org/changeset/154473> All reviewed patches have been landed. Closing bug. |