Deny mach-lookup to the service 'com.apple.trustd.agent' in the WebContent process on macOS.
<rdar://68935818>
Created attachment 419729 [details] Patch
Comment on attachment 419729 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=419729&action=review r=me > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:-1090 > - (global-name "com.apple.trustd.agent") Do we need to allow this for older OS'es? Or is the dynamic extension used on all shipping platforms?
(In reply to Brent Fulgham from comment #3) > Comment on attachment 419729 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=419729&action=review > > r=me > > > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:-1090 > > - (global-name "com.apple.trustd.agent") > > Do we need to allow this for older OS'es? Or is the dynamic extension used > on all shipping platforms? Yes, the dynamic extension should be in place for older OS'es as well. Thanks for reviewing!
Committed r272585: <https://commits.webkit.org/r272585> All reviewed patches have been landed. Closing bug and clearing flags on attachment 419729 [details].