Bug 218982

Summary: [macOS] The WebContent sandbox does not apply for open source builds
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: WebKit Misc.Assignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, benjamin, bfulgham, cdumez, cmarcelo, ews-watchlist, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
ap: review+
Patch
ews-feeder: commit-queue-
Patch none

Per Arne Vollan
Reported 2020-11-16 07:09:37 PST
The WebContent sandbox does not apply for open source builds on macOS, since it has enabled message filtering, which requires a private entitlement.
Attachments
Patch (6.79 KB, patch)
2020-11-16 07:12 PST, Per Arne Vollan 		ap: review+
DetailsFormatted DiffDiff
Patch (7.32 KB, patch)
2020-11-16 10:16 PST, Per Arne Vollan 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (7.36 KB, patch)
2020-11-16 10:29 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2020-11-16 07:12:18 PST
Created attachment 414232 [details] Patch
Alexey Proskuryakov
Comment 2 2020-11-16 09:27:50 PST
Comment on attachment 414232 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=414232&action=review > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:115 > +#if USE(APPLE_INTERNAL_SDK) && __MAC_OS_X_VERSION_MIN_REQUIRED > 110000 It may be nicer to add and use HAVE(SANDBOX_MESSAGE_FILTERING) instead of version checks everywhere.
Per Arne Vollan
Comment 3 2020-11-16 09:55:45 PST
(In reply to Alexey Proskuryakov from comment #2) > Comment on attachment 414232 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=414232&action=review > > > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:115 > > +#if USE(APPLE_INTERNAL_SDK) && __MAC_OS_X_VERSION_MIN_REQUIRED > 110000 > > It may be nicer to add and use HAVE(SANDBOX_MESSAGE_FILTERING) instead of > version checks everywhere. Ah, good point, will fix. Thanks for reviewing!
Per Arne Vollan
Comment 4 2020-11-16 10:16:30 PST
Created attachment 414247 [details] Patch
Per Arne Vollan
Comment 5 2020-11-16 10:29:42 PST
Created attachment 414250 [details] Patch
EWS
Comment 6 2020-11-16 11:53:06 PST
Committed r269867: <https://trac.webkit.org/changeset/269867> All reviewed patches have been landed. Closing bug and clearing flags on attachment 414250 [details].
Radar WebKit Bug Importer
Comment 7 2020-11-16 11:54:17 PST
<rdar://problem/71451891>
Note You need to log in before you can comment on or make changes to this bug.