Bug 209302 - Remove Mobile Asset access from the WebContent process
Summary: Remove Mobile Asset access from the WebContent process
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-03-19 13:44 PDT by Brent Fulgham
Modified: 2020-03-19 15:45 PDT (History)
3 users (show)

See Also:

Attachments
Patch (5.25 KB, patch)
2020-03-19 13:51 PDT, Brent Fulgham 		no flags Details | Formatted Diff | Diff
Patch for landing (5.77 KB, patch)
2020-03-19 14:58 PDT, Brent Fulgham 		no flags Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2020-03-19 13:44:15 PDT 
We no longer need access to the Mobile Asset service, and should deny access from the WebContent sandbox.
Comment 1 Brent Fulgham 2020-03-19 13:51:49 PDT 
Created attachment 394017 [details]
Patch
Comment 2 Radar WebKit Bug Importer 2020-03-19 13:52:35 PDT 
<rdar://problem/60650301>
Comment 3 Per Arne Vollan 2020-03-19 14:37:54 PDT 
Comment on attachment 394017 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=394017&action=review

R=me.

> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:-119
> -        (allow mach-lookup (with telemetry-backtrace)
> -               (global-name "com.apple.mobileassetd" "com.apple.mobileassetd.v2"))

Should we deny (with telemetry-backtrace), in case there are some really rare cases of access we didn't catch?
Comment 4 Brent Fulgham 2020-03-19 14:58:04 PDT 
Created attachment 394026 [details]
Patch for landing
Comment 5 Brent Fulgham 2020-03-19 14:58:32 PDT 
(In reply to Per Arne Vollan from comment #3)
> Comment on attachment 394017 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=394017&action=review
> 
> R=me.
> 
> > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:-119
> > -        (allow mach-lookup (with telemetry-backtrace)
> > -               (global-name "com.apple.mobileassetd" "com.apple.mobileassetd.v2"))
> 
> Should we deny (with telemetry-backtrace), in case there are some really
> rare cases of access we didn't catch?

Good idea -- I've done so in the patch for cq.
Comment 6 EWS 2020-03-19 15:45:02 PDT 
Committed r258736: <https://trac.webkit.org/changeset/258736>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 394026 [details].