RESOLVED FIXED 231594
Restrict "darwin-notification-post" to a minimal set in the WP sandbox 
https://bugs.webkit.org/show_bug.cgi?id=231594
Summary Restrict "darwin-notification-post" to a minimal set in the WP sandbox
Per Arne Vollan
Reported 2021-10-12 10:34:36 PDT
Restrict "darwin-notification-post" to a minimal set in the WP sandbox on macOS and iOS.
Attachments
Patch (2.98 KB, patch)
2021-10-13 09:08 PDT, Per Arne Vollan 		bfulgham: review+
DetailsFormatted DiffDiff
Patch (2.95 KB, patch)
2021-10-13 11:19 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2021-10-12 10:42:03 PDT
<rdar://66586792>
Per Arne Vollan
Comment 2 2021-10-13 09:08:58 PDT
Created attachment 441088 [details] Patch
Brent Fulgham
Comment 3 2021-10-13 10:12:43 PDT
Comment on attachment 441088 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=441088&action=review r=me > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:1577 > +(allow darwin-notification-post (with telemetry) Do we need to collect telemetry on the items we allow? Presumably we allow them because we know we need them?
Per Arne Vollan
Comment 4 2021-10-13 11:16:41 PDT
(In reply to Brent Fulgham from comment #3) > Comment on attachment 441088 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=441088&action=review > > r=me > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:1577 > > +(allow darwin-notification-post (with telemetry) > > Do we need to collect telemetry on the items we allow? Presumably we allow > them because we know we need them? Yes, that is a good point; I'll remove the telemetry. Thanks for reviewing!
Per Arne Vollan
Comment 5 2021-10-13 11:19:33 PDT
Created attachment 441111 [details] Patch
EWS
Comment 6 2021-10-13 12:05:44 PDT
Committed r284119 (242939@main): <https://commits.webkit.org/242939@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 441111 [details].
Note You need to log in before you can comment on or make changes to this bug.