Bug 197895

Summary: Allow NSFileCoordinator to be called from WebContent process
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, commit-queue, pvollan, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Alex Christensen 2019-05-14 14:28:06 PDT
Allow NSFileCoordinator to be called from WebContent process
Comment 1 Alex Christensen 2019-05-14 14:30:58 PDT
Created attachment 369893 [details]
Patch
Comment 2 Alex Christensen 2019-05-14 14:31:00 PDT
<rdar://problem/50107679>
Comment 3 Brent Fulgham 2019-05-14 15:13:19 PDT
Comment on attachment 369893 [details]
Patch

r=me
Comment 4 Per Arne Vollan 2019-05-14 15:28:32 PDT
Comment on attachment 369893 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=369893&action=review

> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:598
> +(allow mach-lookup
> +    (global-name "com.apple.FileCoordination"))
> +

Would it be possible to broker the NSFileCoordinator call to the UI process, to avoid allowing this mach-lookup?
Comment 5 Per Arne Vollan 2019-05-14 15:55:43 PDT
Comment on attachment 369893 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=369893&action=review

>> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:598
>> +
> 
> Would it be possible to broker the NSFileCoordinator call to the UI process, to avoid allowing this mach-lookup?

Or perhaps we could issue a mach lookup sandbox extension from the UI process in the injected bundle case?
Comment 6 Alex Christensen 2019-05-15 07:27:35 PDT
Comment on attachment 369893 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=369893&action=review

>>> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:598
>>> +
>> 
>> Would it be possible to broker the NSFileCoordinator call to the UI process, to avoid allowing this mach-lookup?
> 
> Or perhaps we could issue a mach lookup sandbox extension from the UI process in the injected bundle case?

The mach-lookup is now matching iOS, so I'm not too concerned about adding it.  I do regret the additional syscalls, and I'm not sure if you can make sandbox extensions for syscalls.
Comment 7 WebKit Commit Bot 2019-05-15 07:55:17 PDT
Comment on attachment 369893 [details]
Patch

Clearing flags on attachment: 369893

Committed r245322: <https://trac.webkit.org/changeset/245322>
Comment 8 WebKit Commit Bot 2019-05-15 07:55:19 PDT
All reviewed patches have been landed.  Closing bug.