This rule is most likely not needed, since we have already blocked all of its associated mach services, and no issues have been reported.
Created attachment 377725 [details] Patch
Comment on attachment 377725 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=377725&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:-413 > - (global-name "com.apple.FileCoordination") > - (global-name "com.apple.FileProvider") Are all of these changes intended for this patch?
(In reply to Alexey Proskuryakov from comment #2) > Comment on attachment 377725 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=377725&action=review > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:-413 > > - (global-name "com.apple.FileCoordination") > > - (global-name "com.apple.FileProvider") > > Are all of these changes intended for this patch? Yes, as part of removing the ubiquity rule, the explicit deny of these services are not needed anymore. Thanks for reviewing!
<rdar://problem/56347708>
Comment on attachment 377725 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=377725&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:-456 > - (global-name "com.apple.quicklook.ThumbnailsAgent") Please make sure to test Mail.app after these changes (especially with attachments).
(In reply to Brent Fulgham from comment #5) > Comment on attachment 377725 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=377725&action=review > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:-456 > > - (global-name "com.apple.quicklook.ThumbnailsAgent") > > Please make sure to test Mail.app after these changes (especially with > attachments). Will do. Thanks for reviewing!
Comment on attachment 377725 [details] Patch Rejecting attachment 377725 [details] from commit-queue. Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-01', 'apply-attachment', '--no-update', '--non-interactive', 377725, '--port=mac']" exit_code: 2 cwd: /Volumes/Data/EWS/WebKit Logging in as commit-queue@webkit.org... Fetching: https://bugs.webkit.org/attachment.cgi?id=377725&action=edit Fetching: https://bugs.webkit.org/show_bug.cgi?id=201347&ctype=xml&excludefield=attachmentdata Processing 1 patch from 1 bug. Processing patch 377725 from bug 201347. Fetching: https://bugs.webkit.org/attachment.cgi?id=377725 Failed to run "[u'/Volumes/Data/EWS/WebKit/Tools/Scripts/svn-apply', '--force', '--reviewer', u'Brent Fulgham']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit Parsed 2 diffs from patch file(s). patching file Source/WebKit/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb Hunk #2 succeeded at 402 (offset -4 lines). Hunk #3 FAILED at 409. Hunk #4 succeeded at 427 (offset -3 lines). Hunk #5 succeeded at 442 (offset -3 lines). 1 out of 5 hunks FAILED -- saving rejects to file Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.rej Failed to run "[u'/Volumes/Data/EWS/WebKit/Tools/Scripts/svn-apply', '--force', '--reviewer', u'Brent Fulgham']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit Full output: https://webkit-queues.webkit.org/results/13141008
Created attachment 381136 [details] Patch
Comment on attachment 381136 [details] Patch Clearing flags on attachment: 381136 Committed r251219: <https://trac.webkit.org/changeset/251219>