[webkit-changes] [172031] trunk/Source/WebKit2

Tue, 05 Aug 2014 09:42:07 -0700

Title: [172031] trunk/Source/WebKit2
Revision
172031
Author
oli...@apple.com
Date
2014-08-05 09:41:46 -0700 (Tue, 05 Aug 2014)

Log Message

SSO expects to be able to walk parent application's bundle
https://bugs.webkit.org/show_bug.cgi?id=135581
<rdar://problem/17864079>

Reviewed by Alexey Proskuryakov.

SSO expects to be able to walk the parent application's
bundle looking for Info plists. To allow this to actually
work we provide an extension from the ui process that
covers the bundle directory, and then in the profile
restrict access to the ability to read directories and
files named Info.plist.

* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):
* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Shared/Network/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode):
(WebKit::NetworkProcessCreationParameters::decode):
* Shared/Network/NetworkProcessCreationParameters.h:
* UIProcess/WebContext.cpp:
(WebKit::WebContext::ensureNetworkProcess):
(WebKit::WebContext::parentBundleDirectory):
* UIProcess/WebContext.h:
* UIProcess/mac/WebContextMac.mm:
(WebKit::WebContext::parentBundleDirectory):

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (172030 => 172031)


--- trunk/Source/WebKit2/ChangeLog	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/ChangeLog	2014-08-05 16:41:46 UTC (rev 172031)
@@ -1,3 +1,32 @@
+2014-08-05  Oliver Hunt  <oli...@apple.com>
+
+        SSO expects to be able to walk parent application's bundle
+        https://bugs.webkit.org/show_bug.cgi?id=135581
+        <rdar://problem/17864079>
+
+        Reviewed by Alexey Proskuryakov.
+
+        SSO expects to be able to walk the parent application's
+        bundle looking for Info plists. To allow this to actually
+        work we provide an extension from the ui process that
+        covers the bundle directory, and then in the profile
+        restrict access to the ability to read directories and
+        files named Info.plist.
+
+        * NetworkProcess/cocoa/NetworkProcessCocoa.mm:
+        (WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+        * Shared/Network/NetworkProcessCreationParameters.cpp:
+        (WebKit::NetworkProcessCreationParameters::encode):
+        (WebKit::NetworkProcessCreationParameters::decode):
+        * Shared/Network/NetworkProcessCreationParameters.h:
+        * UIProcess/WebContext.cpp:
+        (WebKit::WebContext::ensureNetworkProcess):
+        (WebKit::WebContext::parentBundleDirectory):
+        * UIProcess/WebContext.h:
+        * UIProcess/mac/WebContextMac.mm:
+        (WebKit::WebContext::parentBundleDirectory):
+
 2014-08-04  Benjamin Poulain  <benja...@webkit.org>
 
         Add a flag for the CSS Selectors level 4 implementation

Modified: trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkProcessCocoa.mm (172030 => 172031)


--- trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkProcessCocoa.mm	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/NetworkProcess/cocoa/NetworkProcessCocoa.mm	2014-08-05 16:41:46 UTC (rev 172031)
@@ -63,6 +63,7 @@
     SandboxExtension::consumePermanently(parameters.cookieStorageDirectoryExtensionHandle);
 #if PLATFORM(IOS)
     SandboxExtension::consumePermanently(parameters.hstsDatabasePathExtensionHandle);
+    SandboxExtension::consumePermanently(parameters.parentBundleDirectoryExtensionHandle);
 #endif
     m_diskCacheDirectory = parameters.diskCacheDirectory;

Modified: trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (172030 => 172031)


--- trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb	2014-08-05 16:41:46 UTC (rev 172031)
@@ -29,7 +29,7 @@
 (import "removed-dev-nodes.sb")
 
 ;; Access to client's cache folder & re-vending to CFNetwork.
-;; FIXME: Remove the webkti specific extension classes <rdar://problem/17755931>
+;; FIXME: Remove the webkit specific extension classes <rdar://problem/17755931>
 (allow file-issue-extension (require-all
     (extension "com.apple.app-sandbox.read-write")
     (extension-class "com.apple.nsurlstorage.extension-cache")))
@@ -38,6 +38,27 @@
 (allow file-read* file-write* (extension "com.apple.app-sandbox.read-write"))
 (allow file-read* (extension "com.apple.app-sandbox.read"))
 
+;; FIXME: <rdar://problem/17909681> SSO expects to be able to walk the parent
+;; bundle to find Info plists, so we jump through a few hoops here to provide
+;; enough access to make it possible.
+
+;; Disallow networking process from reading any bundles, even with the read extension
+(deny file-read* (subpath "/Applications") (extension "com.apple.app-sandbox.read"))
+(deny file-read* (subpath "/private/var/mobile/Containers/Bundle/Application") (extension "com.apple.app-sandbox.read"))
+
+;; Allow the networking process to read directories inside the bundle directories
+;; that we may have killed off above
+(allow file-read*
+    (require-all
+        (extension "com.apple.app-sandbox.read")
+        (vnode-type DIRECTORY)))
+
+;; Allow the networking process to read the Info.plist files
+(allow file-read*
+    (require-all
+        (extension "com.apple.app-sandbox.read")
+        (regex #"/Info\.plist$")))
+
 ;; IOKit user clients
 (allow iokit-open
        (iokit-user-client-class "RootDomainUserClient"))

Modified: trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.cpp (172030 => 172031)


--- trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.cpp	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.cpp	2014-08-05 16:41:46 UTC (rev 172031)
@@ -47,6 +47,8 @@
 #if PLATFORM(IOS)
     encoder << hstsDatabasePath;
     encoder << hstsDatabasePathExtensionHandle;
+    encoder << parentBundleDirectory;
+    encoder << parentBundleDirectoryExtensionHandle;
 #endif
     encoder << shouldUseTestingNetworkSession;
 #if ENABLE(CUSTOM_PROTOCOLS)
@@ -88,6 +90,10 @@
         return false;
     if (!decoder.decode(result.hstsDatabasePathExtensionHandle))
         return false;
+    if (!decoder.decode(result.parentBundleDirectory))
+        return false;
+    if (!decoder.decode(result.parentBundleDirectoryExtensionHandle))
+        return false;
 #endif
     if (!decoder.decode(result.shouldUseTestingNetworkSession))
         return false;

Modified: trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.h (172030 => 172031)


--- trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.h	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.h	2014-08-05 16:41:46 UTC (rev 172031)
@@ -63,6 +63,9 @@
     // FIXME: Remove this once <rdar://problem/17726660> is fixed.
     String hstsDatabasePath;
     SandboxExtension::Handle hstsDatabasePathExtensionHandle;
+
+    String parentBundleDirectory;
+    SandboxExtension::Handle parentBundleDirectoryExtensionHandle;
 #endif
     bool shouldUseTestingNetworkSession;

Modified: trunk/Source/WebKit2/UIProcess/WebContext.cpp (172030 => 172031)


--- trunk/Source/WebKit2/UIProcess/WebContext.cpp	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/UIProcess/WebContext.cpp	2014-08-05 16:41:46 UTC (rev 172031)
@@ -428,6 +428,10 @@
     parameters.hstsDatabasePath = networkingHSTSDatabasePath();
     if (!parameters.hstsDatabasePath.isEmpty())
         SandboxExtension::createHandle(parameters.hstsDatabasePath, SandboxExtension::ReadWrite, parameters.hstsDatabasePathExtensionHandle);
+
+    parameters.parentBundleDirectory = parentBundleDirectory();
+    if (!parameters.parentBundleDirectory.isEmpty())
+        SandboxExtension::createHandle(parameters.parentBundleDirectory, SandboxExtension::ReadOnly, parameters.parentBundleDirectoryExtensionHandle);
 #endif
 
     parameters.shouldUseTestingNetworkSession = m_shouldUseTestingNetworkSession;

Modified: trunk/Source/WebKit2/UIProcess/WebContext.h (172030 => 172031)


--- trunk/Source/WebKit2/UIProcess/WebContext.h	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/UIProcess/WebContext.h	2014-08-05 16:41:46 UTC (rev 172031)
@@ -433,6 +433,10 @@
     String networkingHSTSDatabasePath() const;
     String platformDefaultNetworkingHSTSDatabasePath() const;
 
+#if PLTFORM(IOS)
+    String parentBundleDirectory() const;
+#endif
+
     String containerTemporaryDirectory() const;
 
 #if PLATFORM(COCOA)

Modified: trunk/Source/WebKit2/UIProcess/mac/WebContextMac.mm (172030 => 172031)


--- trunk/Source/WebKit2/UIProcess/mac/WebContextMac.mm	2014-08-05 16:38:53 UTC (rev 172030)
+++ trunk/Source/WebKit2/UIProcess/mac/WebContextMac.mm	2014-08-05 16:41:46 UTC (rev 172031)
@@ -323,6 +323,13 @@
 #endif
 }
 
+#if PLATFORM(IOS)
+String WebContext::parentBundleDirectory() const
+{
+    return [[[NSBundle mainBundle] bundlePath] stringByStandardizingPath];
+}
+#endif
+
 String WebContext::containerTemporaryDirectory() const
 {
     String path = NSTemporaryDirectory();

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to