218982 – [macOS] The WebContent sandbox does not apply for open source builds

RESOLVED FIXED 218982

[macOS] The WebContent sandbox does not apply for open source builds

https://bugs.webkit.org/show_bug.cgi?id=218982

Summary [macOS] The WebContent sandbox does not apply for open source builds

Per Arne Vollan

Reported 2020-11-16 07:09:37 PST

The WebContent sandbox does not apply for open source builds on macOS, since it has enabled message filtering, which requires a private entitlement.

Attachments
Patch (6.79 KB, patch) 2020-11-16 07:12 PST, Per Arne Vollan	ap: review+	Details Formatted Diff Diff
Patch (7.32 KB, patch) 2020-11-16 10:16 PST, Per Arne Vollan	ews-feeder: commit-queue-	Details Formatted Diff Diff
Patch (7.36 KB, patch) 2020-11-16 10:29 PST, Per Arne Vollan	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Per Arne Vollan

Comment 1 2020-11-16 07:12:18 PST

Created attachment 414232 [details] Patch

Alexey Proskuryakov

Comment 2 2020-11-16 09:27:50 PST

Comment on attachment 414232 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=414232&action=review > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:115 > +#if USE(APPLE_INTERNAL_SDK) && __MAC_OS_X_VERSION_MIN_REQUIRED > 110000 It may be nicer to add and use HAVE(SANDBOX_MESSAGE_FILTERING) instead of version checks everywhere.

Per Arne Vollan

Comment 3 2020-11-16 09:55:45 PST

(In reply to Alexey Proskuryakov from comment #2) > Comment on attachment 414232 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=414232&action=review > > > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:115 > > +#if USE(APPLE_INTERNAL_SDK) && __MAC_OS_X_VERSION_MIN_REQUIRED > 110000 > > It may be nicer to add and use HAVE(SANDBOX_MESSAGE_FILTERING) instead of > version checks everywhere. Ah, good point, will fix. Thanks for reviewing!

Per Arne Vollan

Comment 4 2020-11-16 10:16:30 PST

Created attachment 414247 [details] Patch

Per Arne Vollan

Comment 5 2020-11-16 10:29:42 PST

Created attachment 414250 [details] Patch

EWS

Comment 6 2020-11-16 11:53:06 PST

Committed r269867: <https://trac.webkit.org/changeset/269867> All reviewed patches have been landed. Closing bug and clearing flags on attachment 414250 [details].

Radar WebKit Bug Importer

Comment 7 2020-11-16 11:54:17 PST

<rdar://problem/71451891>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKit Misc.

Assignee

Per Arne Vollan

Reported

2020-11-16 07:09 PST

Modified

2020-11-16 11:54 PST History

CC List

7 users Show

URL

Keywords InRadar

Depends on

Blocks