RESOLVED FIXED 187831
[macOS] Relax WebKit sandbox to permit proper App Store behavior 
https://bugs.webkit.org/show_bug.cgi?id=187831
Summary [macOS] Relax WebKit sandbox to permit proper App Store behavior
Brent Fulgham
Reported 2018-07-19 17:11:48 PDT
The Mac App Store is unable to perform some gift card redemption tasks on Mojave due to missing sandbox permissions: 1. We need to allow TCC checking in the plugin process so that the user can permit the camera to be activated. 2. We need to allow connections to com.apple.assertiond.processassertionconnection. 3. We need to allow commerce kit preferences to be read in the WebContent process. This patch adds those permissions.
Attachments
Patch (2.70 KB, patch)
2018-07-19 17:14 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch for landing (1.95 KB, patch)
2018-07-20 10:25 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2018-07-19 17:12:44 PDT
<rdar://problem/42047455>
Brent Fulgham
Comment 2 2018-07-19 17:14:39 PDT
Created attachment 345406 [details] Patch
Alexey Proskuryakov
Comment 3 2018-07-19 17:52:11 PDT
Comment on attachment 345406 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=345406&action=review > Source/WebKit/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:370 > + (global-name "com.apple.assertiond.processassertionconnection") Is this part of this particular fix? > Source/WebKit/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:395 > + (global-name "com.apple.tccd") Do we want this here, or specifically in com.apple.appstore.CodeRedeemerNetscapePlugin.sb?
Brent Fulgham
Comment 4 2018-07-20 08:50:23 PDT
(In reply to Alexey Proskuryakov from comment #3) > Comment on attachment 345406 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=345406&action=review > > > Source/WebKit/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:370 > > + (global-name "com.apple.assertiond.processassertionconnection") > > Is this part of this particular fix? Yes -- this was on the advice of the sandboxing team (this is apparently needed for many services). > > Source/WebKit/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:395 > > + (global-name "com.apple.tccd") > > Do we want this here, or specifically in > com.apple.appstore.CodeRedeemerNetscapePlugin.sb? I think making it possible for any plugin to talk to the TCC service is good, since anything that wants to request camera/microphone access needs TCC to give it permission.
Alexey Proskuryakov
Comment 5 2018-07-20 09:48:00 PDT
Comment on attachment 345406 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=345406&action=review > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:476 > + "com.apple.commerce" ;; <rdar://problem/42047455> Please explain in that radar why this is needed.
Alexey Proskuryakov
Comment 6 2018-07-20 09:49:00 PDT
> I think making it possible for any plugin to talk to the TCC service is good, since anything that wants to request camera/microphone access needs TCC to give it permission. Is camera/microphone broken in Flash right now? If so, then the fix is much bigger than what its title implies. And if not, then something strange is going on.
Brent Fulgham
Comment 7 2018-07-20 10:20:25 PDT
(In reply to Alexey Proskuryakov from comment #5) > Comment on attachment 345406 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=345406&action=review > > > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:476 > > + "com.apple.commerce" ;; <rdar://problem/42047455> > > Please explain in that radar why this is needed. I just spoke with the store folks and they don't think this is needed. I'll remove it from the patch.
Brent Fulgham
Comment 8 2018-07-20 10:25:22 PDT
Created attachment 345456 [details] Patch for landing
WebKit Commit Bot
Comment 9 2018-07-20 10:45:45 PDT
Comment on attachment 345456 [details] Patch for landing Clearing flags on attachment: 345456 Committed r234054: <https://trac.webkit.org/changeset/234054>
WebKit Commit Bot
Comment 10 2018-07-20 10:45:47 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.