Bug 193123 - [iOS] Silently deny access to mail settings triggered by MessageUI framework
Summary: [iOS] Silently deny access to mail settings triggered by MessageUI framework
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2019-01-03 12:58 PST by Brent Fulgham
Modified: 2019-01-04 08:45 PST (History)
5 users (show)

See Also:

Attachments
Patch (1.71 KB, patch)
2019-01-03 13:02 PST, Brent Fulgham 		no flags Details | Formatted Diff | Diff
Patch (1.80 KB, patch)
2019-01-03 17:18 PST, Brent Fulgham 		ap: review+
ews-watchlist: commit-queue-
Details | Formatted Diff | Diff
Archive of layout-test-results from ews122 for ios-simulator-wk2 (2.59 MB, application/zip)
2019-01-03 18:53 PST, EWS Watchlist 		no flags Details
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2019-01-03 12:58:14 PST 
The MessageUI framework has start-up code that checks for some mail features. These checks are only needed/used for Mail, but are getting called (and denied) for unrelated applications that use WebKit.

Remove this logging spew (so we can find real problems) by telling our sandbox system not to notify us that it has (as expected) blocked this access.
Comment 1 Brent Fulgham 2019-01-03 12:59:11 PST 
<rdar://problem/42485581>
Comment 2 Brent Fulgham 2019-01-03 13:02:51 PST 
Created attachment 358274 [details]
Patch
Comment 3 Alexey Proskuryakov 2019-01-03 13:53:20 PST 
Comment on attachment 358274 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=358274&action=review

> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:158
> +;; Silently deny unnecessary accesses caused by MessageUI framework.

Is there a radar that tracks fixing this in MessageUI, so that we could remove the hack in the future? Silencing sandbox violations is not clean software design.
Comment 4 Brent Fulgham 2019-01-03 17:17:53 PST 
Comment on attachment 358274 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=358274&action=review

>> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:158
>> +;; Silently deny unnecessary accesses caused by MessageUI framework.
> 
> Is there a radar that tracks fixing this in MessageUI, so that we could remove the hack in the future? Silencing sandbox violations is not clean software design.

Yes: I'll add the relevant radar to this comment so we know to remove it in the future.
Comment 5 Brent Fulgham 2019-01-03 17:18:14 PST 
Created attachment 358294 [details]
Patch
Comment 6 Alexey Proskuryakov 2019-01-03 17:36:30 PST 
Comment on attachment 358294 [details]
Patch

r=me assuming that you tested the fix. I do not know if MessageUI reads the preference using direct file access or via cfprefsd, and what this change would do in the latter case.
Comment 7 EWS Watchlist 2019-01-03 18:53:21 PST 
Comment on attachment 358294 [details]
Patch

Attachment 358294 [details] did not pass ios-sim-ews (ios-simulator-wk2):
Output: https://webkit-queues.webkit.org/results/10622461

New failing tests:
imported/w3c/web-platform-tests/webrtc/simplecall.https.html
Comment 8 EWS Watchlist 2019-01-03 18:53:23 PST 
Created attachment 358301 [details]
Archive of layout-test-results from ews122 for ios-simulator-wk2

The attached test failures were seen while running run-webkit-tests on the ios-sim-ews.
Bot: ews122  Port: ios-simulator-wk2  Platform: Mac OS X 10.13.6
Comment 9 Brent Fulgham 2019-01-04 08:45:06 PST 
Committed r239611: <https://trac.webkit.org/changeset/239611>