We now dynamically connect to the 'com.apple.lsd.open' mach service when clients need it, so we no longer need the global permission to use the service. We should remove it from our sandbox.
<rdar://problem/56995506>
Created attachment 390665 [details] Patch
Comment on attachment 390665 [details] Patch R=me. There still seems to be some rare cases of access to lsd.open from the WebContent process. Should we hold off landing until we have a backtrace for those accesses?
Created attachment 391992 [details] Patch for landing
The commit-queue encountered the following flaky tests while processing attachment 391992 [details]: editing/spelling/spellcheck-async-remove-frame.html bug 158401 (authors: morrita@google.com, rniwa@webkit.org, and tony@chromium.org) The commit-queue is continuing to process your patch.
The commit-queue encountered the following flaky tests while processing attachment 391992 [details]: editing/spelling/spellcheck-input-search-crash.html bug 207995 (authors: arv@chromium.org, g.czajkowski@samsung.com, mark.lam@apple.com, and morrita@google.com) The commit-queue is continuing to process your patch.
The commit-queue encountered the following flaky tests while processing attachment 391992 [details]: http/tests/security/contentSecurityPolicy/report-status-code-zero-when-using-https.html bug 197297 (author: dbates@webkit.org) The commit-queue is continuing to process your patch.
Comment on attachment 391992 [details] Patch for landing Clearing flags on attachment: 391992 Committed r257650: <https://trac.webkit.org/changeset/257650>
All reviewed patches have been landed. Closing bug.