179674 – Consolidate sysctl-read rules in WebProcess sandbox

RESOLVED FIXED 179674

Consolidate sysctl-read rules in WebProcess sandbox

https://bugs.webkit.org/show_bug.cgi?id=179674

Summary Consolidate sysctl-read rules in WebProcess sandbox

Brent Fulgham

Reported 2017-11-14 10:38:59 PST

Consolidate the various sysctl-read rules we imported from 'system.sb' sandbox in Bug 179548 into our WebContent sandbox. This will allow us to tighten things down further than we could using the global sandbox. <rdar://problem/35367154>

Attachments
Patch (2.72 KB, patch) 2017-11-14 10:48 PST, Brent Fulgham	no flags	Details Formatted Diff Diff
Patch (2.73 KB, patch) 2017-11-14 11:31 PST, Brent Fulgham	dino: review+	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2017-11-14 10:48:26 PST

Created attachment 326890 [details] Patch

Brent Fulgham

Comment 2 2017-11-14 11:31:33 PST

Created attachment 326897 [details] Patch

Brent Fulgham

Comment 3 2017-11-14 12:09:57 PST

Committed r224830: <https://trac.webkit.org/changeset/224830>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKit2

Assignee

Brent Fulgham

Reported

2017-11-14 10:38 PST

Modified

2017-11-14 12:09 PST History

CC List

4 users Show

URL

Keywords InRadar

Depends on

179548

Blocks

Dependencies

tree graph