RESOLVED FIXED 203697
[iOS] Fix mach lookup sandbox violations in the Mail app 
https://bugs.webkit.org/show_bug.cgi?id=203697
Summary [iOS] Fix mach lookup sandbox violations in the Mail app
Per Arne Vollan
Reported 2019-10-31 13:59:08 PDT
The following services are being used by the Mail app, and needs to be allowed. 1) com.apple.logd.events 2) com.apple.distributed_notifications@1v3
Attachments
Patch (1.44 KB, patch)
2019-10-31 14:03 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (1.61 KB, patch)
2019-10-31 14:32 PDT, Per Arne Vollan 		ap: review+
DetailsFormatted DiffDiff
Patch (1.69 KB, patch)
2019-10-31 16:30 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2019-10-31 13:59:30 PDT
rdar://problem/56765698
Per Arne Vollan
Comment 2 2019-10-31 14:03:38 PDT
Created attachment 382499 [details] Patch
Per Arne Vollan
Comment 3 2019-10-31 14:32:09 PDT
Created attachment 382501 [details] Patch
Alexey Proskuryakov
Comment 4 2019-10-31 16:19:08 PDT
Comment on attachment 382501 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=382501&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:624 > +(allow mach-lookup > (global-name "com.apple.logd.events")) > > (allow mach-lookup > + (global-name "com.apple.distributed_notifications@1v3")) > + > +(allow mach-lookup > + (global-name "com.apple.aggregated")) > + > +(allow mach-lookup > (global-name "com.apple.cfprefsd.daemon")) Should these all be combined into one "allow mach-lookup" expression?
Per Arne Vollan
Comment 5 2019-10-31 16:30:50 PDT
Created attachment 382518 [details] Patch
Per Arne Vollan
Comment 6 2019-10-31 16:33:17 PDT
(In reply to Alexey Proskuryakov from comment #4) > Comment on attachment 382501 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=382501&action=review > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:624 > > +(allow mach-lookup > > (global-name "com.apple.logd.events")) > > > > (allow mach-lookup > > + (global-name "com.apple.distributed_notifications@1v3")) > > + > > +(allow mach-lookup > > + (global-name "com.apple.aggregated")) > > + > > +(allow mach-lookup > > (global-name "com.apple.cfprefsd.daemon")) > > Should these all be combined into one "allow mach-lookup" expression? Done. Thanks for reviewing!
WebKit Commit Bot
Comment 7 2019-10-31 17:32:04 PDT
Comment on attachment 382518 [details] Patch Clearing flags on attachment: 382518 Committed r251897: <https://trac.webkit.org/changeset/251897>
Note You need to log in before you can comment on or make changes to this bug.