Bug 208660

Summary: [macOS] Create sandbox extension for "com.apple.tccd"
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit2Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, commit-queue, eric.carlson, ews-watchlist, glenn, jer.noble, philipj, pvollan, sergio, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 204367    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch for landing none

Description Brent Fulgham 2020-03-05 12:44:40 PST 
We should do the same work on macOS that we did for Bug 204367. Namely:

"When camera or microphone access has been granted by the user, have the UI process create a sandbox extension for "com.apple.tccd", and send it to the WebContent process."

On macOS, we actually have to create extensions to 'com.apple.tccd' and 'com.apple.tccd.system'.
Comment 1 Brent Fulgham 2020-03-05 12:46:17 PST 
<rdar://problem/57666569>
Comment 2 Brent Fulgham 2020-03-05 12:52:54 PST 
Created attachment 392610 [details]
Patch
Comment 3 Per Arne Vollan 2020-03-05 13:14:24 PST 
Comment on attachment 392610 [details]
Patch

R=me.
Comment 4 Brent Fulgham 2020-03-05 15:08:22 PST 
After talking with the TCC team, it seems like various frameworks need to check in with 'com.apple.tccd.system' (including Accessibility). We should keep the blanket allow for this, and just act like iOS.

I'll revise the patch to match.
Comment 5 Brent Fulgham 2020-03-05 15:14:20 PST 
Created attachment 392632 [details]
Patch for landing
Comment 6 WebKit Commit Bot 2020-03-05 16:06:57 PST 
Comment on attachment 392632 [details]
Patch for landing

Clearing flags on attachment: 392632

Committed r257956: <https://trac.webkit.org/changeset/257956>
Comment 7 WebKit Commit Bot 2020-03-05 16:06:58 PST 
All reviewed patches have been landed.  Closing bug.