RESOLVED FIXED 206031
[macOS] Issue sandbox extension to "com.apple.nesessionmanager" prior to 10.15 
https://bugs.webkit.org/show_bug.cgi?id=206031
Summary [macOS] Issue sandbox extension to "com.apple.nesessionmanager" prior to 10.15
Per Arne Vollan
Reported 2020-01-09 13:35:08 PST
We currently issue an extension to "com.apple.nesessionmanager.content-filter" on macOS, but this should be "com.apple.nesessionmanager" prior to macOS 10.15.
Attachments
Patch (1.98 KB, patch)
2020-01-09 17:40 PST, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch (2.84 KB, patch)
2020-01-10 09:24 PST, Brent Fulgham 		pvollan: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2020-01-09 13:35:38 PST
<rdar://problem/58455467>
Brent Fulgham
Comment 2 2020-01-09 17:40:44 PST
Created attachment 387298 [details] Patch
Brent Fulgham
Comment 3 2020-01-09 17:42:40 PST
Note: A new test that covers this behavior is part of Bug 206025.
Brent Fulgham
Comment 4 2020-01-10 08:37:10 PST
WK1 failure is due to bot unable to download content. iOS-wk2 failure can't be related, since this code change is not compiled on iOS.
Per Arne Vollan
Comment 5 2020-01-10 09:05:29 PST
Comment on attachment 387298 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=387298&action=review > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:338 > + SandboxExtension::createHandleForMachLookup("com.apple.nesessionmanager", WTF::nullopt, handle); I believe you also need the sevice in the sandbox, in the mach lookup extension rule.
Brent Fulgham
Comment 6 2020-01-10 09:10:38 PST
(In reply to Per Arne Vollan from comment #5) > Comment on attachment 387298 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=387298&action=review > > > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:338 > > + SandboxExtension::createHandleForMachLookup("com.apple.nesessionmanager", WTF::nullopt, handle); > > I believe you also need the sevice in the sandbox, in the mach lookup > extension rule. Ah! Yes, you are right. I'll fix that.
Brent Fulgham
Comment 7 2020-01-10 09:24:29 PST
Created attachment 387347 [details] Patch
Per Arne Vollan
Comment 8 2020-01-10 09:29:14 PST
Comment on attachment 387347 [details] Patch Great! R=me.
Brent Fulgham
Comment 9 2020-01-10 09:53:01 PST
Committed r254343: <https://trac.webkit.org/changeset/254343>
Note You need to log in before you can comment on or make changes to this bug.