RESOLVED FIXED 120182
Need to disable FakeSYSVSHM when sandboxing is not enabled 
https://bugs.webkit.org/show_bug.cgi?id=120182
Summary Need to disable FakeSYSVSHM when sandboxing is not enabled
Simon Cooper
Reported 2013-08-22 17:07:17 PDT
Need to disable FakeSYSVSHM when sandboxing is not enabled
Attachments
Patch (1.74 KB, patch)
2013-08-22 17:13 PDT, Simon Cooper 		no flags
DetailsFormatted DiffDiff
Patch (2.03 KB, patch)
2013-08-22 17:52 PDT, Simon Cooper 		no flags
DetailsFormatted DiffDiff
Patch (2.04 KB, patch)
2013-08-22 20:05 PDT, Simon Cooper 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Simon Cooper
Comment 1 2013-08-22 17:13:38 PDT
Created attachment 209408 [details] Patch
Simon Cooper
Comment 2 2013-08-22 17:20:01 PDT
To test this, a) Visit Youtube.com (make sure you are not in the HTML5 beta, so that you get flash) b) use activity monitor to verify the flash player is sandboxed c) use "sudo ipcs" to see if there are any shared memory segments registered (there should not be any -- specific none with the key "0x53414e44") d) Go to Safari -> Preferences -> Security -> Manage Webite Settings. Allow the Flash Player to "Run in Unsafe Mode" for Youtube.com. e) Refresh the page f) use activity monitor to see that there is now a flash player that is unsandboxed (note, you may also see a sandboxed player if you did not stop / start Safari) g) use "sudo ipcs" to see that there is now a shared memory segment registered using the key "0x53414e44".
Build Bot
Comment 3 2013-08-22 17:27:24 PDT
Comment on attachment 209408 [details] Patch Attachment 209408 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.appspot.com/results/1523745
Build Bot
Comment 4 2013-08-22 17:36:30 PDT
Comment on attachment 209408 [details] Patch Attachment 209408 [details] did not pass mac-ews (mac): Output: http://webkit-queues.appspot.com/results/1526472
Simon Cooper
Comment 5 2013-08-22 17:52:45 PDT
Created attachment 209413 [details] Patch
Simon Cooper
Comment 6 2013-08-22 17:56:44 PDT
Because this uses header information not available on the open source builders I’ve had to guard and include the specific pieces that are necessary. The updated patch will work on both internal and external builders (and create the same result).
Build Bot
Comment 7 2013-08-22 18:19:37 PDT
Comment on attachment 209413 [details] Patch Attachment 209413 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.appspot.com/results/1546130
Build Bot
Comment 8 2013-08-22 18:34:29 PDT
Comment on attachment 209413 [details] Patch Attachment 209413 [details] did not pass mac-ews (mac): Output: http://webkit-queues.appspot.com/results/1555092
Simon Cooper
Comment 9 2013-08-22 20:05:08 PDT
Created attachment 209426 [details] Patch
Simon Cooper
Comment 10 2013-08-22 20:08:13 PDT
The file is Objective-C++ but sandbox_check() is a C function, so need to declare it correctly for the open source webkit builders.
WebKit Commit Bot
Comment 11 2013-08-22 21:38:51 PDT
Comment on attachment 209426 [details] Patch Clearing flags on attachment: 209426 Committed r154473: <http://trac.webkit.org/changeset/154473>
WebKit Commit Bot
Comment 12 2013-08-22 21:38:53 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.