Bug 223192

Summary:

Enforce subcommand filtering

Product:

WebKit

Reporter:

Per Arne Vollan <pvollan>

Component:

WebKit Misc.

Assignee:

Per Arne Vollan <pvollan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch	bfulgham: review+
Patch	bfulgham: review-, bfulgham: commit-queue-
Patch	bfulgham: review+

Per Arne Vollan

Reported 2021-03-15 10:31:18 PDT

Enforce subcommand filtering in the WebContent process' sandbox.

Attachments
Patch (7.43 KB, patch) 2021-03-15 10:37 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (8.32 KB, patch) 2021-03-15 10:43 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (8.65 KB, patch) 2021-03-15 11:38 PDT, Per Arne Vollan	no flags	Details Formatted Diff Diff
Patch (8.55 KB, patch) 2021-03-15 12:31 PDT, Per Arne Vollan	bfulgham: review+	Details Formatted Diff Diff
Patch (8.70 KB, patch) 2021-03-15 13:06 PDT, Per Arne Vollan	bfulgham: review- bfulgham: commit-queue-	Details Formatted Diff Diff
Patch (8.70 KB, patch) 2021-03-15 13:19 PDT, Per Arne Vollan	bfulgham: review+	Details Formatted Diff Diff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.

Per Arne Vollan

Comment 1 2021-03-15 10:31:47 PDT

<rdar://75434409>

Per Arne Vollan

Comment 2 2021-03-15 10:37:02 PDT

Created attachment 423195 [details] Patch

Per Arne Vollan

Comment 3 2021-03-15 10:43:33 PDT

Created attachment 423197 [details] Patch

Brent Fulgham

Comment 4 2021-03-15 10:56:50 PDT

Comment on attachment 423197 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=423197&action=review r=me > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:1549 > + (allow file-ioctl (literal "/dev/dtracehelper")) Whoops!

Per Arne Vollan

Comment 5 2021-03-15 11:38:32 PDT

Created attachment 423208 [details] Patch

Per Arne Vollan

Comment 6 2021-03-15 12:31:51 PDT

Created attachment 423219 [details] Patch

Brent Fulgham

Comment 7 2021-03-15 12:49:32 PDT

Comment on attachment 423219 [details] Patch r=me

Per Arne Vollan

Comment 8 2021-03-15 13:06:16 PDT

Created attachment 423227 [details] Patch

Brent Fulgham

Comment 9 2021-03-15 13:13:17 PDT

Comment on attachment 423227 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=423227&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:1356 > + (fcntl-command F_OFD_SETLK) Need to close this clause: )

Per Arne Vollan

Comment 10 2021-03-15 13:19:29 PDT

Created attachment 423229 [details] Patch

Per Arne Vollan

Comment 11 2021-03-15 13:20:34 PDT

(In reply to Brent Fulgham from comment #9) > Comment on attachment 423227 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=423227&action=review > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:1356 > > + (fcntl-command F_OFD_SETLK) > > Need to close this clause: ) Done. Thanks for reviewing!

Brent Fulgham

Comment 12 2021-03-15 13:29:12 PDT

Comment on attachment 423229 [details] Patch r=me

Per Arne Vollan

Comment 13 2021-03-15 14:23:39 PDT

Landed <https://trac.webkit.org/changeset/274439/webkit>.

Note You need to log in before you can comment on or make changes to this bug.