Bug 230918

Summary: Remove unused "com.apple.security.exception.file*" rules from WebKit sandboxes
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit Misc.Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, pvollan, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Brent Fulgham
Reported 2021-09-28 14:42:13 PDT
The Sandbox implementation provides a mechanism where apps can extend the default app sandbox with entitled extension properties in their Info.plist. WebKit does not need or use this feature, but the rules were imported when we stopped using the system sandbox. We should remove them since we don't need them, and they add to the size and complexity of the sandbox rule set.
Attachments
Patch (10.99 KB, patch)
2021-09-28 15:55 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2021-09-28 15:52:06 PDT
<rdar://problem/66585844>
Brent Fulgham
Comment 2 2021-09-28 15:55:31 PDT
Created attachment 439538 [details] Patch
Brent Fulgham
Comment 3 2021-09-28 15:56:02 PDT
Tested on device across various media properties, network loads, and webauthn tests.
Per Arne Vollan
Comment 4 2021-09-28 15:58:29 PDT
Comment on attachment 439538 [details] Patch Great! R=me.
EWS
Comment 5 2021-09-28 17:26:44 PDT
Committed r283204 (242247@main): <https://commits.webkit.org/242247@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 439538 [details].
Note You need to log in before you can comment on or make changes to this bug.