RESOLVED FIXED 237009
Allow adattributiond to start on iOS devices 
https://bugs.webkit.org/show_bug.cgi?id=237009
Summary Allow adattributiond to start on iOS devices
Alex Christensen
Reported 2022-02-21 17:11:16 PST
Allow adattributiond to start on iOS devices
Attachments
Patch (2.67 KB, patch)
2022-02-21 17:13 PST, Alex Christensen 		no flags
DetailsFormatted DiffDiff
Patch (3.99 KB, patch)
2022-02-21 17:47 PST, Alex Christensen 		achristensen: commit-queue+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Alex Christensen
Comment 1 2022-02-21 17:13:45 PST
Created attachment 452801 [details] Patch
Alex Christensen
Comment 2 2022-02-21 17:13:49 PST
<rdar://problem/89062166>
Per Arne Vollan
Comment 3 2022-02-21 17:16:29 PST
Comment on attachment 452801 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=452801&action=review R=me. > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb:79 > +(allow file-read* file-map-executable > + (subpath "/System/Library/Frameworks") > + (subpath "/System/Library/PrivateFrameworks")) > + Could this be limited to only the WebKit framework?
Alex Christensen
Comment 4 2022-02-21 17:47:33 PST
Created attachment 452805 [details] Patch
Alex Christensen
Comment 5 2022-02-21 17:48:48 PST
(In reply to Per Arne Vollan from comment #3) > Comment on attachment 452801 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=452801&action=review > > R=me. > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb:79 > > +(allow file-read* file-map-executable > > + (subpath "/System/Library/Frameworks") > > + (subpath "/System/Library/PrivateFrameworks")) > > + > > Could this be limited to only the WebKit framework? We need CFNetwork, among others. I'm basing the abilities I'm adding on what the network process has access to.
Alex Christensen
Comment 6 2022-02-21 20:57:57 PST
r290288
Note You need to log in before you can comment on or make changes to this bug.