Bug 207482

Summary:

[iOS] Deny mach lookup access to analytics service in the WebContent process

Product:

WebKit

Reporter:

Per Arne Vollan <pvollan>

Component:

WebKit Misc.

Assignee:

Per Arne Vollan <pvollan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, commit-queue, darin, ggaren, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	darin: review+, commit-queue: commit-queue-

Per Arne Vollan

Reported 2020-02-10 10:55:39 PST

As part of sandbox hardening work, this service should be denied in the WebContent process' sandbox.

Attachments
Patch (3.86 KB, patch) 2020-02-10 11:01 PST, Per Arne Vollan	darin: review+ commit-queue: commit-queue-	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Per Arne Vollan

Comment 1 2020-02-10 11:01:54 PST

Created attachment 390267 [details] Patch

Radar WebKit Bug Importer

Comment 2 2020-02-10 11:02:22 PST

<rdar://problem/59317479>

Per Arne Vollan

Comment 3 2020-02-12 07:13:17 PST

Comment on attachment 390267 [details] Patch Thanks for reviewing!

Per Arne Vollan

Comment 4 2020-02-12 07:13:45 PST

I think the win test failure is unrelated to this patch.

WebKit Commit Bot

Comment 5 2020-02-12 07:33:55 PST

Comment on attachment 390267 [details] Patch Rejecting attachment 390267 [details] from commit-queue. Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-01', 'apply-attachment', '--no-update', '--non-interactive', 390267, '--port=mac']" exit_code: 2 cwd: /Volumes/Data/EWS/WebKit Logging in as commit-queue@webkit.org... Fetching: https://bugs.webkit.org/attachment.cgi?id=390267&action=edit Fetching: https://bugs.webkit.org/show_bug.cgi?id=207482&ctype=xml&excludefield=attachmentdata Processing 1 patch from 1 bug. Processing patch 390267 from bug 207482. Fetching: https://bugs.webkit.org/attachment.cgi?id=390267 Failed to run "[u'/Volumes/Data/EWS/WebKit/Tools/Scripts/svn-apply', '--force', '--reviewer', u'Darin Adler']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit Parsed 5 diffs from patch file(s). patching file Source/WebKit/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb patching file LayoutTests/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt Hunk #1 FAILED at 17. 1 out of 1 hunk FAILED -- saving rejects to file LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt.rej patching file LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html Hunk #1 FAILED at 20. 1 out of 1 hunk FAILED -- saving rejects to file LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html.rej Failed to run "[u'/Volumes/Data/EWS/WebKit/Tools/Scripts/svn-apply', '--force', '--reviewer', u'Darin Adler']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit Full output: https://webkit-queues.webkit.org/results/13321366

Per Arne Vollan

Comment 6 2020-02-12 10:53:30 PST

Committed r256455: <https://trac.webkit.org/changeset/256455/webkit>

Note You need to log in before you can comment on or make changes to this bug.