Bug 203697

Summary: [iOS] Fix mach lookup sandbox violations in the Mail app
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: WebKit Misc.Assignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, bfulgham, commit-queue, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
ap: review+
Patch none

Per Arne Vollan
Reported 2019-10-31 13:59:08 PDT
The following services are being used by the Mail app, and needs to be allowed. 1) com.apple.logd.events 2) com.apple.distributed_notifications@1v3
Attachments
Patch (1.44 KB, patch)
2019-10-31 14:03 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (1.61 KB, patch)
2019-10-31 14:32 PDT, Per Arne Vollan 		ap: review+
DetailsFormatted DiffDiff
Patch (1.69 KB, patch)
2019-10-31 16:30 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2019-10-31 13:59:30 PDT
rdar://problem/56765698
Per Arne Vollan
Comment 2 2019-10-31 14:03:38 PDT
Created attachment 382499 [details] Patch
Per Arne Vollan
Comment 3 2019-10-31 14:32:09 PDT
Created attachment 382501 [details] Patch
Alexey Proskuryakov
Comment 4 2019-10-31 16:19:08 PDT
Comment on attachment 382501 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=382501&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:624 > +(allow mach-lookup > (global-name "com.apple.logd.events")) > > (allow mach-lookup > + (global-name "com.apple.distributed_notifications@1v3")) > + > +(allow mach-lookup > + (global-name "com.apple.aggregated")) > + > +(allow mach-lookup > (global-name "com.apple.cfprefsd.daemon")) Should these all be combined into one "allow mach-lookup" expression?
Per Arne Vollan
Comment 5 2019-10-31 16:30:50 PDT
Created attachment 382518 [details] Patch
Per Arne Vollan
Comment 6 2019-10-31 16:33:17 PDT
(In reply to Alexey Proskuryakov from comment #4) > Comment on attachment 382501 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=382501&action=review > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:624 > > +(allow mach-lookup > > (global-name "com.apple.logd.events")) > > > > (allow mach-lookup > > + (global-name "com.apple.distributed_notifications@1v3")) > > + > > +(allow mach-lookup > > + (global-name "com.apple.aggregated")) > > + > > +(allow mach-lookup > > (global-name "com.apple.cfprefsd.daemon")) > > Should these all be combined into one "allow mach-lookup" expression? Done. Thanks for reviewing!
WebKit Commit Bot
Comment 7 2019-10-31 17:32:04 PDT
Comment on attachment 382518 [details] Patch Clearing flags on attachment: 382518 Committed r251897: <https://trac.webkit.org/changeset/251897>
Note You need to log in before you can comment on or make changes to this bug.