RESOLVED FIXED Bug 165332
[Mac] Update sandbox profiles to use modern syntax and avoid duplication 
https://bugs.webkit.org/show_bug.cgi?id=165332
Summary [Mac] Update sandbox profiles to use modern syntax and avoid duplication
Brent Fulgham
Reported 2016-12-02 13:48:56 PST
Clean up the WebKit Sandbox rules to use the modern syntax: Change from: ;; Read-only preferences and data (allow file-read* … (home-literal "/Library/Preferences/com.apple.ATS.plist") (home-literal "/Library/Preferences/com.apple.CoreGraphics.plist") etc. To: (allow user-preference-read (preference-domain “com.apple.ATS” “com.apple.CoreGraphics” etc.)) Also get rid of duplicated macro and function definitions that are part of the core sandbox language.
Attachments
Patch (17.99 KB, patch)
2016-12-02 13:51 PST, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch (17.62 KB, patch)
2016-12-02 13:53 PST, Brent Fulgham 		andersca: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2016-12-02 13:49:15 PST
<rdar://problem/26898991>
Brent Fulgham
Comment 2 2016-12-02 13:51:48 PST
Created attachment 295992 [details] Patch
Brent Fulgham
Comment 3 2016-12-02 13:53:33 PST
Created attachment 295995 [details] Patch
Brent Fulgham
Comment 4 2016-12-02 14:40:34 PST
Note: The changes in these sandbox profiles have been confirmed (with the Sandbox team) to be compatible with macOS 10.9 and newer.
Brent Fulgham
Comment 5 2016-12-02 15:21:43 PST
Committed r209280: <http://trac.webkit.org/changeset/209280>
Note You need to log in before you can comment on or make changes to this bug.