Bug 230909

Summary: Remove redundant sandbox exception rules for registering mach extensions
Product: WebKit
Component: WebKit Misc.
Reporter: Brent Fulgham <bfulgham>
Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
CC: bfulgham, pvollan, webkit-bug-importer
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Attachments:
Patch (flags: none)

Description Brent Fulgham 2021-09-28 13:17:49 PDT
The Sandbox implementation offers a mechanism for applications to extend their sandbox at build time. WebKit does not use those extensions in its sandbox design, so we should remove those powers. They are left over from importing the global App Sandbox rules long ago and are not used by WebKit.
Comment 1 Brent Fulgham 2021-09-28 13:18:02 PDT
<rdar://problem/66583587>
Comment 2 Brent Fulgham 2021-09-28 13:22:59 PDT
Created attachment 439510
Patch
Comment 3 Per Arne Vollan 2021-09-28 13:25:30 PDT
Comment on attachment 439510
Patch

R=me.
Comment 4 Brent Fulgham 2021-09-28 13:49:37 PDT
Tested on device and confirmed no findings.
Comment 5 EWS 2021-09-28 14:16:36 PDT
Committed r283195 (242242@main): <https://commits.webkit.org/242242@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 439510.