RESOLVED FIXED 133750
Restrict database process profile 
https://bugs.webkit.org/show_bug.cgi?id=133750
Summary Restrict database process profile
Oliver Hunt
Reported 2014-06-11 10:59:51 PDT
Restrict database process profile
Attachments
Patch (3.30 KB, patch)
2014-06-11 11:00 PDT, Oliver Hunt 		ap: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Oliver Hunt
Comment 1 2014-06-11 11:00:24 PDT
Created attachment 232875 [details] Patch
Alexey Proskuryakov
Comment 2 2014-06-11 11:32:22 PDT
Comment on attachment 232875 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=232875&action=review > Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:47 > +;; FIXME: Should be removed once <rdar://problem/16329087> is fixed. > +(deny file-write-xattr (xattr "com.apple.quarantine") (with no-log)) Please remove this, there is no quarantine. > Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:50 > +;; Reserve a namespace for additional protected extended attributes. > +(deny file-read-xattr file-write-xattr (xattr-regex #"^com\.apple\.security\.private\.")) Do any iOS profiles have this, or is it an OS X only thing?
Oliver Hunt
Comment 3 2014-06-11 13:24:15 PDT
Committed r169821: <http://trac.webkit.org/changeset/169821>
Note You need to log in before you can comment on or make changes to this bug.