Summary: | Restrict database process profile | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Oliver Hunt <oliver> | ||||
Component: | New Bugs | Assignee: | Oliver Hunt <oliver> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | ||||||
Priority: | P2 | ||||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Attachments: |
|
Description
Oliver Hunt
2014-06-11 10:59:51 PDT
Created attachment 232875 [details]
Patch
Comment on attachment 232875 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=232875&action=review > Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:47 > +;; FIXME: Should be removed once <rdar://problem/16329087> is fixed. > +(deny file-write-xattr (xattr "com.apple.quarantine") (with no-log)) Please remove this, there is no quarantine. > Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:50 > +;; Reserve a namespace for additional protected extended attributes. > +(deny file-read-xattr file-write-xattr (xattr-regex #"^com\.apple\.security\.private\.")) Do any iOS profiles have this, or is it an OS X only thing? Committed r169821: <http://trac.webkit.org/changeset/169821> |