Based on telemetry, remove access to unused sysctl properties in the GPU process' sandbox on macOS.
<rdar://problem/84679628>
Created attachment 442527 [details] Patch
Comment on attachment 442527 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=442527&action=review > Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:173 > -(deny sysctl*) > +(deny sysctl* (with telemetry)) This change is not mentioned in the change log. What’s the rationale?
(In reply to Darin Adler from comment #3) > Comment on attachment 442527 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=442527&action=review > > > Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:173 > > -(deny sysctl*) > > +(deny sysctl* (with telemetry)) > > This change is not mentioned in the change log. What’s the rationale? This is to get telemetry for sysctl properties we might need to add in the future when new features being are added to the GPU process. Thanks for reviewing!
Comment on attachment 442527 [details] Patch Thanks for reviewing!
Committed r285606 (244110@main): <https://commits.webkit.org/244110@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 442527 [details].