Bug 179674

Summary: Consolidate sysctl-read rules in WebProcess sandbox
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit2Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, bfulgham, dino, ggaren
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 179548    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch dino: review+

Description Brent Fulgham 2017-11-14 10:38:59 PST
Consolidate the various sysctl-read rules we imported from 'system.sb' sandbox in Bug 179548 into our WebContent sandbox.

This will allow us to tighten things down further than we could using the global sandbox.

<rdar://problem/35367154>
Comment 1 Brent Fulgham 2017-11-14 10:48:26 PST
Created attachment 326890 [details]
Patch
Comment 2 Brent Fulgham 2017-11-14 11:31:33 PST
Created attachment 326897 [details]
Patch
Comment 3 Brent Fulgham 2017-11-14 12:09:57 PST
Committed r224830: <https://trac.webkit.org/changeset/224830>