Bug 230909

Summary: Remove redundant sandbox exception rules for registering mach extensions
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit Misc.Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, pvollan, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Brent Fulgham
Reported 2021-09-28 13:17:49 PDT
The Sandbox implementation offers a mechanism for applications to extend their sandbox at build time. WebKit does not use those extensions in its sandbox design, so we should remove those powers. They are left-over from importing the global App Sandbox rules long ago and are not used by WebKit.
Attachments
Patch (4.62 KB, patch)
2021-09-28 13:22 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2021-09-28 13:18:02 PDT
<rdar://problem/66583587>
Brent Fulgham
Comment 2 2021-09-28 13:22:59 PDT
Created attachment 439510 [details] Patch
Per Arne Vollan
Comment 3 2021-09-28 13:25:30 PDT
Comment on attachment 439510 [details] Patch R=me.
Brent Fulgham
Comment 4 2021-09-28 13:49:37 PDT
Tested on device and confirmed no findings.
EWS
Comment 5 2021-09-28 14:16:36 PDT
Committed r283195 (242242@main): <https://commits.webkit.org/242242@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 439510 [details].
Note You need to log in before you can comment on or make changes to this bug.