Skip to site navigation (Press enter)

[webkit-changes] [261389] trunk/Source/WebKit

pvollan Fri, 08 May 2020 09:56:25 -0700

Title: [261389] trunk/Source/WebKit

Revision: 261389
Author: pvol...@apple.com
Date: 2020-05-08 09:55:43 -0700 (Fri, 08 May 2020)

Log Message

[iOS] Update message filtering rules in the WebContent process' sandbox
https://bugs.webkit.org/show_bug.cgi?id=211188


Reviewed by Brent Fulgham.

Based on telemetry and local testing, update the message filtering rules in the WebContent process' sandbox on iOS.
Messages that have not been observed being in use should be denied.

No new tests, covered by existing tests.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb

Diff

Modified: trunk/Source/WebKit/ChangeLog (261388 => 261389)


--- trunk/Source/WebKit/ChangeLog	2020-05-08 16:48:32 UTC (rev 261388)
+++ trunk/Source/WebKit/ChangeLog	2020-05-08 16:55:43 UTC (rev 261389)
@@ -1,3 +1,17 @@
+2020-05-08  Per Arne Vollan  <pvol...@apple.com>
+
+        [iOS] Update message filtering rules in the WebContent process' sandbox
+        https://bugs.webkit.org/show_bug.cgi?id=211188
+
+        Reviewed by Brent Fulgham.
+
+        Based on telemetry and local testing, update the message filtering rules in the WebContent process' sandbox on iOS.
+        Messages that have not been observed being in use should be denied.
+
+        No new tests, covered by existing tests.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
 2020-05-08  Chris Dumez  <cdu...@apple.com>
 
         Turn processDidBecomeUnresponsive logging into error logging

Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (261388 => 261389)


--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2020-05-08 16:48:32 UTC (rev 261388)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2020-05-08 16:55:43 UTC (rev 261389)
@@ -1217,7 +1217,7 @@
 (when (defined? 'mach-kernel-endpoint)
     (allow mach-kernel-endpoint
         (apply-message-filter
-            (allow mach-message-send (with report) (with telemetry))
+            (deny mach-message-send (with telemetry))
             (allow mach-message-send (kernel-mig-routine
                 host_get_clock_service
                 host_get_io_master

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes