Bug 209339

Summary: [Cocoa] Deny access to database mapping service
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: WebKit Misc.Assignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, bfulgham, cdumez, cmarcelo, commit-queue, ews-watchlist, jacob_uphoff, simon.fraser, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 209459    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch none

Description Per Arne Vollan 2020-03-20 08:34:36 PDT 
On macOS and iOS, the WebContent process should not have access to "com.apple.lsd.mapdb".
Comment 1 Per Arne Vollan 2020-03-20 08:35:48 PDT 
rdar://problem/56966010
Comment 2 Per Arne Vollan 2020-03-20 08:53:41 PDT 
Created attachment 394086 [details]
Patch
Comment 3 Per Arne Vollan 2020-03-20 09:17:56 PDT 
Created attachment 394090 [details]
Patch
Comment 4 Per Arne Vollan 2020-03-20 13:15:32 PDT 
Created attachment 394114 [details]
Patch
Comment 5 Brent Fulgham 2020-03-20 17:15:00 PDT 
Comment on attachment 394114 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=394114&action=review

r=me

> Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:107
> +#import <MobileCoreServices/MobileCoreServices.h>

Does this need to be inside PLATFORM(IOS) or anything? It is available on all Cocoa ports? EWS seems happy, so I guess it does!
Comment 6 Per Arne Vollan 2020-03-20 17:27:14 PDT 
Comment on attachment 394114 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=394114&action=review

>> Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:107
>> +#import <MobileCoreServices/MobileCoreServices.h>
> 
> Does this need to be inside PLATFORM(IOS) or anything? It is available on all Cocoa ports? EWS seems happy, so I guess it does!

It is inside PLATFORM(IOS_FAMILY), but the section was too long for it to be visible in the diff :)
Comment 7 Per Arne Vollan 2020-03-20 17:27:58 PDT 
Comment on attachment 394114 [details]
Patch

Thanks for reviewing!
Comment 8 Simon Fraser (smfr) 2020-03-20 17:52:56 PDT 
Comment on attachment 394114 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=394114&action=review

> Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:284
> +        auto r = adoptCF(UTTypeCreatePreferredIdentifierForTag(kUTTagClassMIMEType, CFSTR("text/html"), 0));

r could use a better name. Does it even need one?
Comment 9 EWS 2020-03-20 18:10:47 PDT 
Committed r258803: <https://trac.webkit.org/changeset/258803>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 394114 [details].
Comment 10 Jacob Uphoff 2020-03-23 07:38:28 PDT 
Reverted r258803 for reason:

This revision caused many layout tests and 10 API tests to start failing/crashing

Committed r258841: <https://trac.webkit.org/changeset/258841>
Comment 11 Per Arne Vollan 2020-03-23 12:50:57 PDT 
Created attachment 394291 [details]
Patch
Comment 12 Per Arne Vollan 2020-03-23 13:52:41 PDT 
Created attachment 394298 [details]
Patch
Comment 13 Per Arne Vollan 2020-03-23 15:55:25 PDT 
Created attachment 394315 [details]
Patch
Comment 14 EWS 2020-03-23 17:15:29 PDT 
Committed r258891: <https://trac.webkit.org/changeset/258891>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 394315 [details].
Comment 15 WebKit Commit Bot 2020-03-23 18:30:20 PDT 
Re-opened since this is blocked by bug 209459
Comment 16 Per Arne Vollan 2020-03-24 09:31:22 PDT 
Created attachment 394373 [details]
Patch
Comment 17 EWS 2020-03-24 10:14:49 PDT 
Committed r258915: <https://trac.webkit.org/changeset/258915>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 394373 [details].