168243 – [WebRTC][Mac][WebKit2] Only expand the sandbox for a specific WebRTC port

Bug 168243 - [WebRTC][Mac][WebKit2] Only expand the sandbox for a specific WebRTC port

Summary: [WebRTC][Mac][WebKit2] Only expand the sandbox for a specific WebRTC port

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebRTC (show other bugs)
Version:	WebKit Nightly Build
Hardware:	All macOS 10.12

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:	168010
Blocks:
	Show dependency tree / graph

Reported:	2017-02-13 12:12 PST by Brent Fulgham
Modified:	2017-08-24 19:12 PDT (History)
CC List:	4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brent Fulgham 2017-02-13 12:12:34 PST

In Bug 168010 we added the ability for the UIProcess to extend the NetworkProcess sandbox to include WebRTC connections.

Currently, we expand the sandbox to encompass all network activity, which is not a great security model. For the complete feature, we need the sandbox to expand just enough to support the WebRTC communication.

This bug tracks that task.

Comment 1 Radar WebKit Bug Importer 2017-02-13 12:17:02 PST

<rdar://problem/30496479>