WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
225370
[Cocoa] Remove access to the unused 'nvram' system command
https://bugs.webkit.org/show_bug.cgi?id=225370
Summary
[Cocoa] Remove access to the unused 'nvram' system command
Brent Fulgham
Reported
2021-05-04 16:05:17 PDT
Deny access to 'nvram' in the WebKit sandboxes. No API surface interacts with this low-level feature, and other system sandboxes already deny it. It should not have been possible to reach nvram, but there's no reason to allow the sandbox to access it. <
rdar://problem/66583129
>
Attachments
Patch
(5.51 KB, patch)
2021-05-04 16:07 PDT
,
Brent Fulgham
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Brent Fulgham
Comment 1
2021-05-04 16:07:49 PDT
Created
attachment 427709
[details]
Patch
Brent Fulgham
Comment 2
2021-05-04 16:35:13 PDT
Confirmed proper function on iOS device and macOS. Waiting for EWS to show any other impact on downlevel platforms.
Per Arne Vollan
Comment 3
2021-05-05 10:02:15 PDT
Comment on
attachment 427709
[details]
Patch R=me.
EWS
Comment 4
2021-05-05 11:43:32 PDT
Committed
r277032
(
237345@main
): <
https://commits.webkit.org/237345@main
> All reviewed patches have been landed. Closing bug and clearing flags on
attachment 427709
[details]
.
Radar WebKit Bug Importer
Comment 5
2021-05-05 11:44:16 PDT
<
rdar://problem/77567746
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug