Bug 209938 - Remove unneeded sandbox access to some file paths
Summary: Remove unneeded sandbox access to some file paths
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
Keywords: InRadar
Depends on:
Blocks: 211408
  Show dependency treegraph
Reported: 2020-04-02 16:28 PDT by Brent Fulgham
Modified: 2021-02-15 19:23 PST (History)
3 users (show)

See Also:

Patch (2.51 KB, patch)
2020-04-02 16:30 PDT, Brent Fulgham
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2020-04-02 16:28:13 PDT
The WebContent process sandbox has historically had access to variations of the /etc/passwd file. This access is not needed in the WebContent process, so we should remove it.
Comment 1 Brent Fulgham 2020-04-02 16:28:36 PDT
Comment 2 Brent Fulgham 2020-04-02 16:30:40 PDT
Created attachment 395320 [details]
Comment 3 Per Arne Vollan 2020-04-03 06:47:58 PDT
Comment on attachment 395320 [details]

Comment 4 EWS 2020-04-03 10:43:26 PDT
Committed r259470: <https://trac.webkit.org/changeset/259470>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 395320 [details].
Comment 5 Brent Fulgham 2020-04-03 15:17:19 PDT
Follow-up build fix:

Committed r259506: <https://trac.webkit.org/changeset/259506>
Comment 6 Brent Fulgham 2020-04-12 13:24:28 PDT
Per Arne fixed iOS here:

Committed r259590: <https://trac.webkit.org/changeset/259590>