Bug 203626

Summary: Investigate if mach lookup access to *.apple-extension-service, *.viewservice, and com.apple.uikit.viewservice.* can be denied
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: WebKit Misc.Assignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, bfulgham, commit-queue, ggaren, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch none

Per Arne Vollan
Reported 2019-10-30 14:03:23 PDT
These services have not been observed being in use while running layout test, and should be denied in the WebContent Sandbox.
Attachments
Patch (2.16 KB, patch)
2019-10-30 14:06 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (2.04 KB, patch)
2019-10-30 14:10 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (1.82 KB, patch)
2019-11-01 11:23 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2019-10-30 14:03:41 PDT
<rdar://problem/56757653>
Per Arne Vollan
Comment 2 2019-10-30 14:06:16 PDT
Created attachment 382348 [details] Patch
Per Arne Vollan
Comment 3 2019-10-30 14:10:54 PDT
Created attachment 382351 [details] Patch
Brent Fulgham
Comment 4 2019-10-30 14:58:16 PDT
Comment on attachment 382351 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=382351&action=review I am worried about this change. Please make sure to test on a device with this sandbox, using MobileMaill and MobileSafari, and attempting to share URLs. > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:434 > (xpc-service-name-regex #"\.apple-extension-service$") ;; <rdar://problem/19525887> I can't see this radar, but this could be related to sharing services. We should make sure to test with share sheet before checking this change in. > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:435 > (xpc-service-name-regex #"\.viewservice$") ;; <rdar://problem/31252371> I'm worried about this denial: According to <rdar://problem/31252371>, this was triggered in MobileSafari. Unless you have run MobileSafari with this change, I wouldn't want to land this.
Per Arne Vollan
Comment 5 2019-10-30 15:33:08 PDT
(In reply to Brent Fulgham from comment #4) > Comment on attachment 382351 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=382351&action=review > > I am worried about this change. Please make sure to test on a device with > this sandbox, using MobileMaill and MobileSafari, and attempting to share > URLs. > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:434 > > (xpc-service-name-regex #"\.apple-extension-service$") ;; <rdar://problem/19525887> > > I can't see this radar, but this could be related to sharing services. We > should make sure to test with share sheet before checking this change in. > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:435 > > (xpc-service-name-regex #"\.viewservice$") ;; <rdar://problem/31252371> > > I'm worried about this denial: According to <rdar://problem/31252371>, this > was triggered in MobileSafari. Unless you have run MobileSafari with this > change, I wouldn't want to land this. I will perform tests with MobileMail and MobileSafari, sharing URLs and testing with share sheet. Thanks for reviewing!
Alexey Proskuryakov
Comment 6 2019-10-30 23:18:42 PDT
Comment on attachment 382351 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=382351&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:432 > + (deny mach-lookup (with send-signal SIGKILL) Sending SIGKILL is potentially super disruptive to a lot of people if we miss something in testing. At the very least, there should be a bug that tracks removing SIGKILL before shipping, but really, we need a better mechanism to learn about sandbox violations.
Per Arne Vollan
Comment 7 2019-11-01 11:23:46 PDT
Created attachment 382599 [details] Patch
Alexey Proskuryakov
Comment 8 2019-11-01 11:49:55 PDT
Comment on attachment 382599 [details] Patch OK. I don't know what "with telemetry" does, but it sounds appropriate :)
Per Arne Vollan
Comment 9 2019-11-01 11:52:52 PDT
(In reply to Alexey Proskuryakov from comment #8) > Comment on attachment 382599 [details] > Patch > > OK. I don't know what "with telemetry" does, but it sounds appropriate :) Thanks for reviewing :)
WebKit Commit Bot
Comment 10 2019-11-01 13:19:18 PDT
Comment on attachment 382599 [details] Patch Clearing flags on attachment: 382599 Committed r251935: <https://trac.webkit.org/changeset/251935>
WebKit Commit Bot
Comment 11 2019-11-01 13:19:20 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.