Bug 221336 - [macOS] Remove access to com.apple.cvmsServ
Summary: [macOS] Remove access to com.apple.cvmsServ
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Per Arne Vollan
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-02-03 09:12 PST by Per Arne Vollan
Modified: 2021-02-03 10:39 PST (History)
2 users (show)

See Also:

Attachments
Patch (1.26 KB, patch)
2021-02-03 09:17 PST, Per Arne Vollan 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Per Arne Vollan 2021-02-03 09:12:03 PST 
Remove access to com.apple.cvmsServ in the WebContent process when the GPU Process is enabled.
Comment 1 Per Arne Vollan 2021-02-03 09:15:53 PST 
<rdar://problem/70495789>
Comment 2 Per Arne Vollan 2021-02-03 09:17:26 PST 
Created attachment 419148 [details]
Patch
Comment 3 Brent Fulgham 2021-02-03 10:28:34 PST 
Comment on attachment 419148 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=419148&action=review

> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:118
> +    (deny mach-lookup

Is this safe to do on older OS? Should we move the precompile checks around this so we deny on 11+, but allow on older systems?
Comment 4 Brent Fulgham 2021-02-03 10:30:13 PST 
Comment on attachment 419148 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=419148&action=review

r=me

>> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:118
>> +    (deny mach-lookup
> 
> Is this safe to do on older OS? Should we move the precompile checks around this so we deny on 11+, but allow on older systems?

Oh! never mind. I see that this is only when the service is not extended.
Comment 5 Per Arne Vollan 2021-02-03 10:34:20 PST 
Comment on attachment 419148 [details]
Patch

Thanks for reviewing!
Comment 6 EWS 2021-02-03 10:39:07 PST 
Committed r272329: <https://trac.webkit.org/changeset/272329>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 419148 [details].