Title: [289123] trunk/Source/WebKit
- Revision
- 289123
- Author
- pvol...@apple.com
- Date
- 2022-02-04 10:17:30 -0800 (Fri, 04 Feb 2022)
Log Message
[iOS][macOS] Adjust sysctl sandbox access
https://bugs.webkit.org/show_bug.cgi?id=236082
<rdar://problem/88436174>
Reviewed by Brent Fulgham.
Adjust sysctl sandbox access based on telemetry.
* GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (289122 => 289123)
--- trunk/Source/WebKit/ChangeLog 2022-02-04 17:26:30 UTC (rev 289122)
+++ trunk/Source/WebKit/ChangeLog 2022-02-04 18:17:30 UTC (rev 289123)
@@ -1,3 +1,17 @@
+2022-02-04 Per Arne Vollan <pvol...@apple.com>
+
+ [iOS][macOS] Adjust sysctl sandbox access
+ https://bugs.webkit.org/show_bug.cgi?id=236082
+ <rdar://problem/88436174>
+
+ Reviewed by Brent Fulgham.
+
+ Adjust sysctl sandbox access based on telemetry.
+
+ * GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
+ * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+
2022-02-04 Kate Cheney <katherine_che...@apple.com>
Fix App Privacy Report redirect attribution
Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (289122 => 289123)
--- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-02-04 17:26:30 UTC (rev 289122)
+++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-02-04 18:17:30 UTC (rev 289123)
@@ -152,7 +152,6 @@
"hw.l2cachesize"
"hw.logicalcpu"
"hw.logicalcpu_max"
- "hw.machine"
"hw.memsize"
"hw.model"
"hw.ncpu"
@@ -168,7 +167,6 @@
"kern.osproductversion"
"kern.osrelease"
"kern.ostype"
- "kern.osversion"
"kern.version")
(sysctl-name-prefix "hw.optional.") ;; <rdar://problem/71462790>
(sysctl-name-prefix "hw.perflevel") ;; <rdar://problem/76783596>
Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (289122 => 289123)
--- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-02-04 17:26:30 UTC (rev 289122)
+++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-02-04 18:17:30 UTC (rev 289123)
@@ -161,10 +161,12 @@
(deny sysctl* (with telemetry))
(allow sysctl-read
(sysctl-name
+ "hw.cputype"
"hw.memsize"
"hw.ncpu"
"kern.maxfilesperproc"
"kern.osproductversion" ;; Needed by CFNetwork (HSTS store and others)
+ "kern.osrelease"
"kern.ostype"
"kern.osversion" ;; Needed by WebKit and ASL logging.
"kern.tcsm_available" ;; Needed for IndexedDB support.
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (289122 => 289123)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2022-02-04 17:26:30 UTC (rev 289122)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2022-02-04 18:17:30 UTC (rev 289123)
@@ -471,6 +471,7 @@
"hw.memsize"
"hw.ncpu"
"hw.pagesize_compat"
+ "kern.bootargs"
"kern.hostname"
"kern.maxfilesperproc"
"kern.osproductversion"
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
