Restrict image decoders in order to enable further sandbox strengthening.
Created attachment 446815 [details] Patch
Created attachment 446980 [details] Patch
Created attachment 446983 [details] Patch
<rdar://problem/86650455>
Comment on attachment 446983 [details] Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=446983&action=review
r=me
> Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:-451
> - parameters.videoDecoderExtensionHandles = SandboxExtension::createHandlesForMachLookup({ "com.apple.coremedia.decompressionsession"_s }, std::nullopt);

Nice!
Created attachment 450338 [details] Patch
Comment on attachment 450338 [details] Patch
Thanks for reviewing!
Committed r288817 (246593@main): <https://commits.webkit.org/246593@main>
All reviewed patches have been landed. Closing bug and clearing flags on attachment 450338 [details].
Comment on attachment 450338 [details] Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=450338&action=review
> Source/WebKit/Shared/WebProcessCreationParameters.cpp:484
> + parameters.restrictImageAndVideoDecoders = WTFMove(*restrictImageAndVideoDecoders);

Not necessary to WTFMove a bool

> Source/WebKit/Shared/WebProcessCreationParameters.h:207
> Vector<SandboxExtension::Handle> videoDecoderExtensionHandles;

Should this be #if PLATFORM(MAC) now?
(In reply to Simon Fraser (smfr) from comment #9)
> Comment on attachment 450338 [details]
> Patch
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=450338&action=review
>
> > Source/WebKit/Shared/WebProcessCreationParameters.cpp:484
> > + parameters.restrictImageAndVideoDecoders = WTFMove(*restrictImageAndVideoDecoders);
>
> Not necessary to WTFMove a bool
>
> > Source/WebKit/Shared/WebProcessCreationParameters.h:207
> > Vector<SandboxExtension::Handle> videoDecoderExtensionHandles;
>
> Should this be #if PLATFORM(MAC) now?

Yes, that is a very good point; I'll upload a follow-up patch. Thanks for reviewing!
Reopening to attach new patch.
Created attachment 450419 [details] Patch
Committed r288826 (246596@main): <https://commits.webkit.org/246596@main>
All reviewed patches have been landed. Closing bug and clearing flags on attachment 450419 [details].