214825 – Remember to check entitlement before communicating over XPC

Bug 214825 - Remember to check entitlement before communicating over XPC

Summary: Remember to check entitlement before communicating over XPC

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Per Arne Vollan

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2020-07-27 06:47 PDT by Per Arne Vollan
Modified:	2020-07-30 09:37 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (2.81 KB, patch) 2020-07-27 06:52 PDT, Per Arne Vollan	no flags	Details \| Formatted Diff \| Diff
Patch (3.66 KB, patch) 2020-07-28 09:36 PDT, Per Arne Vollan	no flags	Details \| Formatted Diff \| Diff
Patch (4.34 KB, patch) 2020-07-28 14:01 PDT, Per Arne Vollan	no flags	Details \| Formatted Diff \| Diff
Patch (5.93 KB, patch) 2020-07-29 06:27 PDT, Per Arne Vollan	bfulgham: review+	Details \| Formatted Diff \| Diff
Patch (6.01 KB, patch) 2020-07-30 07:22 PDT, Per Arne Vollan	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Per Arne Vollan 2020-07-27 06:47:07 PDT

Remember to check entitlement before communicating over XPC with another WebKit process. This needs to be done to make sure that it really is a WebKit process on the other end.

Comment 1 Per Arne Vollan 2020-07-27 06:52:54 PDT

Created attachment 405271 [details]
Patch

Comment 2 Per Arne Vollan 2020-07-28 09:36:53 PDT

Created attachment 405366 [details]
Patch

Comment 3 Per Arne Vollan 2020-07-28 09:37:14 PDT

Thanks for reviewing!

Comment 4 Per Arne Vollan 2020-07-28 14:01:33 PDT

Created attachment 405410 [details]
Patch

Comment 5 Per Arne Vollan 2020-07-29 06:27:30 PDT

Created attachment 405453 [details]
Patch

Comment 6 Brent Fulgham 2020-07-29 08:33:13 PDT

Comment on attachment 405453 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=405453&action=review

R=me

> Source/WebKit/Shared/Cocoa/XPCEndpoint.mm:47
> +                WTFLogAlways("Audit token does not have required entitlement");

Should we just say what entitlement in the error message?

Comment 7 Per Arne Vollan 2020-07-30 07:22:59 PDT

Created attachment 405569 [details]
Patch

Comment 8 Per Arne Vollan 2020-07-30 07:23:28 PDT

(In reply to Brent Fulgham from comment #6)
> Comment on attachment 405453 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=405453&action=review
> 
> R=me
> 
> > Source/WebKit/Shared/Cocoa/XPCEndpoint.mm:47
> > +                WTFLogAlways("Audit token does not have required entitlement");
> 
> Should we just say what entitlement in the error message?

Fixed.

Thanks for reviewing!

Comment 9 EWS 2020-07-30 09:36:34 PDT

Committed r265087: <https://trac.webkit.org/changeset/265087>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 405569 [details].

Comment 10 Radar WebKit Bug Importer 2020-07-30 09:37:18 PDT

<rdar://problem/66331689>