179674 – Consolidate sysctl-read rules in WebProcess sandbox

Bug 179674 - Consolidate sysctl-read rules in WebProcess sandbox

Summary: Consolidate sysctl-read rules in WebProcess sandbox

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Brent Fulgham

URL:
Keywords:	InRadar

Depends on:	179548
Blocks:
	Show dependency tree / graph

Reported:	2017-11-14 10:38 PST by Brent Fulgham
Modified:	2017-11-14 12:09 PST (History)
CC List:	4 users (show)

See Also:

Attachments
Patch (2.72 KB, patch) 2017-11-14 10:48 PST, Brent Fulgham	no flags	Details \| Formatted Diff \| Diff
Patch (2.73 KB, patch) 2017-11-14 11:31 PST, Brent Fulgham	dino: review+	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brent Fulgham 2017-11-14 10:38:59 PST

Consolidate the various sysctl-read rules we imported from 'system.sb' sandbox in Bug 179548 into our WebContent sandbox.

This will allow us to tighten things down further than we could using the global sandbox.

<rdar://problem/35367154>

Comment 1 Brent Fulgham 2017-11-14 10:48:26 PST

Created attachment 326890 [details]
Patch

Comment 2 Brent Fulgham 2017-11-14 11:31:33 PST

Created attachment 326897 [details]
Patch

Comment 3 Brent Fulgham 2017-11-14 12:09:57 PST

Committed r224830: <https://trac.webkit.org/changeset/224830>