Bug 237580

Summary: Expand adattributiond sandbox to prevent sandbox exceptions during main functionality
Product: WebKit Reporter: Alex Christensen <achristensen>
Component: New BugsAssignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: pvollan, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Alex Christensen 2022-03-07 21:06:32 PST 
Expand adattributiond sandbox to prevent sandbox exceptions during main functionality
Comment 1 Alex Christensen 2022-03-07 21:07:20 PST 
Created attachment 454070 [details]
Patch
Comment 2 Alex Christensen 2022-03-07 21:07:24 PST 
<rdar://problem/89855243>
Comment 3 Per Arne Vollan 2022-03-08 07:31:31 PST 
Comment on attachment 454070 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=454070&action=review

R=me.

> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb:125
> +        "com.apple.containermanagerd"

I don't think this is strictly needed. Can you do without it?
Comment 4 Alex Christensen 2022-03-08 09:00:18 PST 
Comment on attachment 454070 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=454070&action=review

>> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb:125
>> +        "com.apple.containermanagerd"
> 
> I don't think this is strictly needed. Can you do without it?

Maybe, but there were sandbox violations without it and all our other processes have it.  I'm going to add it for now and we can consider removing it in the future with the others.
Comment 5 EWS 2022-03-08 09:16:42 PST 
Committed r290996 (248174@main): <https://commits.webkit.org/248174@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 454070 [details].