Title: [242141] trunk/Source/WebKit
- Revision
- 242141
- Author
- pvol...@apple.com
- Date
- 2019-02-27 11:47:53 -0800 (Wed, 27 Feb 2019)
Log Message
[macOS] Disable permissive call logging in sandbox
https://bugs.webkit.org/show_bug.cgi?id=194061
<rdar://problem/47686253>
Reviewed by Brent Fulgham.
Strict call filtering should be reenabled.
* WebProcess/com.apple.WebProcess.sb.in:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (242140 => 242141)
--- trunk/Source/WebKit/ChangeLog 2019-02-27 19:44:50 UTC (rev 242140)
+++ trunk/Source/WebKit/ChangeLog 2019-02-27 19:47:53 UTC (rev 242141)
@@ -1,3 +1,15 @@
+2019-02-27 Per Arne Vollan <pvol...@apple.com>
+
+ [macOS] Disable permissive call logging in sandbox
+ https://bugs.webkit.org/show_bug.cgi?id=194061
+ <rdar://problem/47686253>
+
+ Reviewed by Brent Fulgham.
+
+ Strict call filtering should be reenabled.
+
+ * WebProcess/com.apple.WebProcess.sb.in:
+
2019-02-27 Chris Dumez <cdu...@apple.com>
[HTTPSUpgrade] Use open source database until the feature is ready
Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (242140 => 242141)
--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2019-02-27 19:44:50 UTC (rev 242140)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2019-02-27 19:47:53 UTC (rev 242141)
@@ -837,6 +837,7 @@
#endif // PLATFORM(MAC)
(when (defined? 'syscall-unix)
+ (deny syscall-unix (with send-signal SIGKILL))
(allow syscall-unix
(syscall-number SYS_exit)
(syscall-number SYS_read)
@@ -967,6 +968,7 @@
(syscall-number SYS_ulock_wait)
(syscall-number SYS_ulock_wake)
(syscall-number SYS_work_interval_ctl)
+ (syscall-number SYS_kdebug_typefilter)
)
)
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
