RESOLVED FIXED 172151
[WK2][macOS] Adopt a whitelist for XPC services 
https://bugs.webkit.org/show_bug.cgi?id=172151
Summary [WK2][macOS] Adopt a whitelist for XPC services
Brent Fulgham
Reported 2017-05-15 17:44:39 PDT
Lock down the sandbox further by denying XPC services access by default, and only permitting connections to things we need to access.
Attachments
Patch (5.44 KB, patch)
2017-05-15 17:59 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch v2 (5.18 KB, patch)
2017-05-15 18:29 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2017-05-15 17:59:22 PDT
Created attachment 310199 [details] Patch
Brent Fulgham
Comment 2 2017-05-15 18:29:15 PDT
Created attachment 310203 [details] Patch v2
Brent Fulgham
Comment 3 2017-05-15 18:29:34 PDT
Comment on attachment 310203 [details] Patch v2 Revised patch -- some of the XPC services granted to the plugin process were not needed.
WebKit Commit Bot
Comment 4 2017-05-16 12:09:09 PDT
Comment on attachment 310203 [details] Patch v2 Clearing flags on attachment: 310203 Committed r216941: <http://trac.webkit.org/changeset/216941>
WebKit Commit Bot
Comment 5 2017-05-16 12:09:11 PDT
All reviewed patches have been landed. Closing bug.
Brent Fulgham
Comment 6 2017-05-16 12:10:16 PDT
<rdar://problem/31916325>
Note You need to log in before you can comment on or make changes to this bug.