The change in Bug 220927 was not implemented correctly: we should have gated access to /dev/dtracehelper on whether SIP disabled, not on AppleInternal. We should likewise allow OpenGL Profiler to attach if SIP is disabled.
<rdar://73893768>
Created attachment 419460 [details] Patch
Comment on attachment 419460 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=419460&action=review Great! R=me. > Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:710 > + dispatch_once(&onceToken, ^{ > + isSIPDisabled = !csr_check(CSR_DISABLE_FLAGS); Since this only seems to be called on the main thread, I think the dispatch_once is not needed.
(In reply to Brent Fulgham from comment #2) > Created attachment 419460 [details] > Patch On second thought, none of the SIP flags seem related to the GL profiler, so let's leave that for future consideration. Also, it turns out the Sandbox already has features to check CSR.
Created attachment 419469 [details] Patch
Comment on attachment 419469 [details] Patch R=me.
Created attachment 419471 [details] Patch
Comment on attachment 419471 [details] Patch R=me.
Created attachment 419473 [details] Patch for landing
I confirmed that the CSR filter has been present since 2015, so we are safe to adopt without conditionals.
Committed r272449: <https://trac.webkit.org/changeset/272449> All reviewed patches have been landed. Closing bug and clearing flags on attachment 419473 [details].