Diff
Modified: trunk/Source/WebKit2/ChangeLog (148901 => 148902)
--- trunk/Source/WebKit2/ChangeLog 2013-04-22 19:37:01 UTC (rev 148901)
+++ trunk/Source/WebKit2/ChangeLog 2013-04-22 19:47:57 UTC (rev 148902)
@@ -1,3 +1,31 @@
+2013-04-22 Sam Weinig <s...@webkit.org>
+
+ Hard code plug-in sandbox profile lookup directories and move
+ the profiles to WebKit2.
+
+ Reviewed by Anders Carlsson.
+
+ * PluginProcess/EntryPoint/mac/LegacyProcess/PluginProcessMain.mm:
+ (WebKit::PluginProcessMainDelegate::getExtraInitializationData):
+ * PluginProcess/EntryPoint/mac/XPCService/PluginServiceEntryPoint.mm:
+ (WebKit::PluginServiceInitializerDelegate::getExtraInitializationData):
+ * UIProcess/Plugins/mac/PluginProcessProxyMac.mm:
+ (WebKit::PluginProcessProxy::platformGetLaunchOptions):
+ Stop passing the sandbox-profile-directory-path to the plug-in process.
+
+ * PluginProcess/mac/PluginProcessMac.mm:
+ (WebKit::loadSandboxProfileForDirectory):
+ (WebKit::loadSandboxProfile):
+ (WebKit::PluginProcess::initializeSandbox):
+ Hard code the plug-in sandbox profile lookup to only look in the WebKit2 bundle
+ and /System/Library/Sandbox/Profiles/.
+
+ * Resources/PlugInSandboxProfiles: Added.
+ Add profiles.
+
+ * WebKit2.xcodeproj/project.pbxproj:
+ Copy the profiles to the bundle.
+
2013-04-15 Jer Noble <jer.no...@apple.com>
Refactor creation of the full screen window into an (overridable) method.
Modified: trunk/Source/WebKit2/PluginProcess/EntryPoint/mac/LegacyProcess/PluginProcessMain.mm (148901 => 148902)
--- trunk/Source/WebKit2/PluginProcess/EntryPoint/mac/LegacyProcess/PluginProcessMain.mm 2013-04-22 19:37:01 UTC (rev 148901)
+++ trunk/Source/WebKit2/PluginProcess/EntryPoint/mac/LegacyProcess/PluginProcessMain.mm 2013-04-22 19:47:57 UTC (rev 148902)
@@ -87,12 +87,6 @@
return false;
extraInitializationData.add("plugin-path", pluginPath);
- // FIXME: We should stop passing this and have it in a hard coded place. For now
- // though, let the absence of a sandboxProfileDirectoryPath indicate no plugin
- // sandboxing should take place.
- String sandboxProfileDirectoryPath = m_commandLine["sandbox-profile-directory-path"];
- extraInitializationData.add("sandbox-profile-directory-path", sandboxProfileDirectoryPath);
-
return true;
}
Modified: trunk/Source/WebKit2/PluginProcess/EntryPoint/mac/XPCService/PluginServiceEntryPoint.mm (148901 => 148902)
--- trunk/Source/WebKit2/PluginProcess/EntryPoint/mac/XPCService/PluginServiceEntryPoint.mm 2013-04-22 19:37:01 UTC (rev 148901)
+++ trunk/Source/WebKit2/PluginProcess/EntryPoint/mac/XPCService/PluginServiceEntryPoint.mm 2013-04-22 19:47:57 UTC (rev 148902)
@@ -51,12 +51,6 @@
return false;
extraInitializationData.add("plugin-path", pluginPath);
- // FIXME: We should stop passing this and have it in a hard coded place. For now
- // though, let the absence of a sandboxProfileDirectoryPath indicate no plugin
- // sandboxing should take place.
- String sandboxProfileDirectoryPath = xpc_dictionary_get_string(extraDataInitializationDataObject, "sandbox-profile-directory-path");
- extraInitializationData.add("sandbox-profile-directory-path", sandboxProfileDirectoryPath);
-
return true;
}
};
Modified: trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm (148901 => 148902)
--- trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm 2013-04-22 19:37:01 UTC (rev 148901)
+++ trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm 2013-04-22 19:47:57 UTC (rev 148902)
@@ -280,11 +280,8 @@
parentProcessConnection()->send(Messages::PluginProcessProxy::SetFullscreenWindowIsShowing(fullscreenWindowIsShowing), 0);
}
-static String loadSandboxProfile(const String& pluginPath, const String& sandboxProfileDirectoryPath)
+static String loadSandboxProfileForDirectory(const String& pluginPath, NSString *sandboxProfileDirectoryPath)
{
- if (sandboxProfileDirectoryPath.isEmpty())
- return String();
-
RetainPtr<CFURLRef> pluginURL = adoptCF(CFURLCreateWithFileSystemPath(0, pluginPath.createCFString().get(), kCFURLPOSIXPathStyle, false));
if (!pluginURL)
return String();
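Review bot: With the `isEmpty()` guard removed from the top of `loadSandboxProfileForDirectory`, nothing rejects a nil `sandboxProfileDirectoryPath` before the next hunk casts it to `CFStringRef` and hands it to `CFURLCreateWithFileSystemPath`. The bundle path built in the new `loadSandboxProfile` depends on `NSClassFromString(@"WKView")` resolving and on `resourcePath` being non-nil, and a nil from either passes silently through `stringByAppendingPathComponent:`. What CoreFoundation does with a NULL path there should not be relied on. Keeping a guard as the first statement, `if (![sandboxProfileDirectoryPath length]) return String();`, preserves the old empty-path behaviour. The function body continues outside this hunk.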
@@ -300,7 +297,7 @@
// Fold all / characters to : to prevent the plugin bundle-id from trying to escape the profile directory
bundleIdentifier.replace('/', ':');
- RetainPtr<CFURLRef> sandboxProfileDirectory = adoptCF(CFURLCreateWithFileSystemPath(0, sandboxProfileDirectoryPath.createCFString().get(), kCFURLPOSIXPathStyle, TRUE));
+ RetainPtr<CFURLRef> sandboxProfileDirectory = adoptCF(CFURLCreateWithFileSystemPath(0, (CFStringRef)sandboxProfileDirectoryPath, kCFURLPOSIXPathStyle, TRUE));
RetainPtr<CFStringRef> sandboxFileName = adoptCF(CFStringCreateWithFormat(0, 0, CFSTR("%@.sb"), bundleIdentifier.createCFString().get()));
RetainPtr<CFURLRef> sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, sandboxFileName.get(), kCFURLPOSIXPathStyle, FALSE, sandboxProfileDirectory.get()));
@@ -318,6 +315,21 @@
return [commonProfileString.get() stringByAppendingString:profileString.get()];
}
+static String loadSandboxProfile(const String& pluginPath)
+{
+ // First look in the WebKit2 bundle.
+ String sandboxProfile = loadSandboxProfileForDirectory(pluginPath, [[[NSBundle bundleForClass:NSClassFromString(@"WKView")] resourcePath] stringByAppendingPathComponent:@"PlugInSandboxProfiles"]);
+ if (!sandboxProfile.isEmpty())
+ return sandboxProfile;
+
+ // Then try /System/Library/Sandbox/Profiles/.
+ sandboxProfile = loadSandboxProfileForDirectory(pluginPath, @"/System/Library/Sandbox/Profiles/");
+ if (!sandboxProfile.isEmpty())
+ return sandboxProfile;
+
+ return String();
+}
+
static void muteAudio(void)
{
AudioObjectPropertyAddress propertyAddress = { kAudioHardwarePropertyProcessIsAudible, kAudioObjectPropertyScopeGlobal, kAudioObjectPropertyElementMaster };
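Review bot: The fallback to `/System/Library/Sandbox/Profiles/` in `loadSandboxProfile` selects a file purely by the plug-in's own bundle identifier, in a directory that presumably also holds profiles written for other system components rather than for plug-ins. The `/`-to-`:` fold in `loadSandboxProfileForDirectory` keeps the identifier inside the directory, but it does not prevent a match on an unrelated file name there, whose rules would then be appended to the common profile. Whether any installed profile would widen access this way cannot be told from the diff. A comment on the second lookup would record the assumption, e.g. `// The bundle identifier is supplied by the plug-in; only profiles installed for plug-ins are expected to match here.`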
@@ -362,7 +374,7 @@
void PluginProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters)
{
- String sandboxProfile = loadSandboxProfile(m_pluginPath, parameters.extraInitializationData.get("sandbox-profile-directory-path"));
+ String sandboxProfile = loadSandboxProfile(m_pluginPath);
if (sandboxProfile.isEmpty())
return;
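Review bot: The early `return` on `sandboxProfile.isEmpty()` presumably lets a plug-in with no matching profile start without a sandbox, and after this commit nothing in the code says so. The comments stating that the absence of a profile directory means "no plugin sandboxing should take place" were deleted from both entry points. A comment above the check would keep that decision visible, e.g. `// No profile was found for this plug-in's bundle identifier; the process continues unsandboxed.` A log line here would also separate a profile missing by design from one missing because of a packaging mistake. `initializeSandbox` continues outside the hunk, so this assumes the rest of the body is what applies the profile.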
Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.QuickTime Plugin.plugin.sb (0 => 148902)
--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.QuickTime Plugin.plugin.sb (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.QuickTime Plugin.plugin.sb 2013-04-22 19:47:57 UTC (rev 148902)
@@ -0,0 +1,9 @@
+(webkit-powerbox)
+(shared-preferences-read "com.apple.quicktime.plugin.preferences")
+
+(allow file-read* file-write*
+ (home-subpath "/Library/Caches/QuickTime")
+ (home-literal "/Library/Preferences/QuickTime Preferences"))
+
+(allow network-inbound (local udp))
+(allow network-outbound (remote udp))
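Review bot: The two UDP rules at the end, `(allow network-inbound (local udp))` and `(allow network-outbound (remote udp))`, have no port or host filter and no comment, so the reason for the grant is not recorded. If this is for streaming media (an assumption; the profile does not say), a comment above them should state it, e.g. `;; UDP for media streaming; ports are negotiated at runtime and cannot be listed here`. Otherwise the rules should be narrowed the way the AppleConnect profile in this commit lists `"*:4160" "*:88"`.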
Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb (0 => 148902)
--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb 2013-04-22 19:47:57 UTC (rev 148902)
@@ -0,0 +1,263 @@
+(version 1)
+(deny default)
+(allow system-audit file-read-metadata)
+
+(import "system.sb")
+
+;; Utility functions
+(define (home-regex home-relative-regex)
+ (regex (string-append "^" (regex-quote (param "HOME_DIR")) home-relative-regex)))
+
+(define (home-subpath home-relative-subpath)
+ (subpath (string-append (param "HOME_DIR") home-relative-subpath)))
+
+(define (home-literal home-relative-literal)
+ (literal (string-append (param "HOME_DIR") home-relative-literal)))
+
+(define (shared-preferences-read . domains)
+ (for-each (lambda (domain)
+ (begin
+ (if (defined? `user-preference-read)
+ (allow user-preference-read (preference-domain domain)))
+ ; (Temporary) backward compatibility with non-CFPreferences readers.
+ (allow file-read*
+ (literal (string-append "/Library/Preferences/" domain ".plist"))
+ (home-literal (string-append "/Library/Preferences/" domain ".plist"))
+ (home-regex (string-append #"/Library/Preferences/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
+ domains))
+
+(define (shared-preferences-read-write . domains)
+ (for-each (lambda (domain)
+ (begin
+ (if (defined? `user-preference-write)
+ (allow user-preference-read user-preference-write (preference-domain domain)))
+ ; (Temporary) backward compatibility with non-CFPreferences readers / writers.
+ (allow file-read* file-write*
+ (literal (string-append "/Library/Preferences/" domain ".plist"))
+ (home-literal (string-append "/Library/Preferences/" domain ".plist"))
+ (home-regex (string-append #"/Library/Preferences/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
+ domains))
+
+
+;; Graphics
+(if (defined? 'system-graphics)
+ (system-graphics)
+ (begin
+ (shared-preferences-read
+ "com.apple.opengl"
+ "com.nvidia.OpenGL")
+ (allow mach-lookup (global-name "com.apple.cvmsServ"))
+ (allow iokit-open
+ (iokit-connection "IOAccelerator")
+ (iokit-user-client-class "IOAccelerationUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOFramebufferSharedUserClient")
+ (iokit-user-client-class "AppleSNBFBUserClient")
+ (iokit-user-client-class "AGPMClient")
+ (iokit-user-client-class "AppleGraphicsControlClient")
+ (iokit-user-client-class "AppleGraphicsPolicyClient"))))
+
+;; Read-only preferences
+(shared-preferences-read
+ ".GlobalPreferences"
+ "com.apple.Bluetooth"
+ "com.apple.QuickTime"
+ "com.apple.HIToolbox"
+ "com.apple.ATS"
+ "com.apple.driver.AppleBluetoothMultitouch.mouse"
+ "com.apple.driver.AppleBluetoothMultitouch.trackpad"
+ "com.apple.driver.AppleHIDMouse"
+ "com.apple.inputmethodkit"
+ "com.apple.iWork.Pages"
+ "com.apple.LaunchServices"
+ "com.apple.MultitouchSupport"
+ "com.apple.security"
+ "com.apple.security_common"
+ "com.apple.speech.voice.prefs"
+ "com.apple.speech.synthesis.general.prefs"
+ "com.apple.speech.recognition.AppleSpeechRecognition.prefs"
+ "com.apple.systemsound"
+ "com.apple.universalaccess"
+ "com.apple.WebFoundation"
+ "pbs"
+ "com.apple.ServicesMenu.Services")
+
+;; Read-only data
+(allow file-read*
+ (literal "/")
+ (subpath "/Library/Frameworks")
+ (subpath "/private/var/db/mds")
+
+ (regex #"^/Library/Preferences/com\.apple\.security")
+ (home-literal "/.CFUserTextEncoding")
+ (home-subpath "/Library/Audio")
+ (home-subpath "/Library/ColorPickers")
+ (home-subpath "/Library/ColorSync")
+ (home-subpath "/Library/Components")
+ (subpath "/Library/Contextual Menu Items")
+ (home-subpath "/Library/Input Methods")
+ (home-subpath "/Library/KeyBindings")
+ (home-subpath "/Library/Keyboard Layouts")
+ (subpath "/Library/Fonts")
+ (home-subpath "/Library/Fonts")
+ (subpath "/Library/Spelling")
+ (home-subpath "/Library/Spelling")
+ (subpath "/Library/PDF Services")
+ (home-subpath "/Library/PDF Services")
+ (home-literal "/Library/Preferences/QuickTime Preferences")
+
+ (home-literal "/Library/Caches/com.apple.coreaudio.components.plist")
+
+ (subpath "/Library/Audio/Plug-Ins/Components")
+ (home-subpath "/Library/Audio/Plug-Ins/Components")
+ (subpath "/Library/Audio/Plug-Ins/HAL")
+ (subpath "/Library/QuickTime")
+ (home-subpath "/Library/QuickTime")
+ (subpath "/Library/Video/Plug-Ins")
+ (home-subpath "/Library/Caches/QuickTime")
+
+ (literal "/Library/Application Support/CrashReporter/SubmitDiagInfo.domains")
+
+ (home-literal "/Library/Application Support/SyncServices/Local/ClientsWithChanges/com.apple.Keychain")
+
+ (subpath "/Library/ColorSync")
+
+ ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
+ (subpath "/Library/Keychains"))
+
+
+;; Read-write preferences and data
+(allow file*
+ (home-regex #"/Library/Preferences/com\.apple\.WebKit\.PluginProcess\.plist")
+
+ ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
+ (home-subpath "/Library/Keychains"))
+
+;; IOKit user clients
+(allow iokit-open
+ (iokit-user-client-class "IOAudioControlUserClient")
+ (iokit-user-client-class "IOAudioEngineUserClient")
+ (iokit-user-client-class "IOHIDParamUserClient")
+ (iokit-user-client-class "RootDomainUserClient"))
+
+;; Various services required by AppKit and other frameworks
+(allow mach-lookup
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.DiskArbitration.diskarbitrationd")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.FontObjectsServer")
+ (global-name "com.apple.FontServer")
+ (global-name "com.apple.ImageCaptureExtension2.presence")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SecurityServer")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.UNCUserNotification")
+ (global-name "com.apple.audio.VDCAssistant")
+ (global-name "com.apple.audio.audiohald")
+ (global-name "com.apple.audio.coreaudiod")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmio.VDCAssistant")
+ (global-name "com.apple.cookied") ;; FIXME: <rdar://problem/10790768> Limit access to cookies.
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.pasteboard.1")
+ (global-name "com.apple.pbs.fetch_services")
+ (global-name "com.apple.tccd.system")
+ (global-name "com.apple.tsm.uiserver")
+ (global-name "com.apple.window_proxies")
+ (global-name "com.apple.windowserver.active")
+ (local-name "com.apple.tsm.portname")
+ (global-name-regex #"_OpenStep$"))
+
+
+;; Configuration directories
+(allow file-read* (subpath (param "PLUGIN_PATH")))
+(allow file-read* (subpath (param "WEBKIT2_FRAMEWORK_DIR")))
+(allow file* (subpath (param "DARWIN_USER_TEMP_DIR")))
+(allow file* (subpath (param "DARWIN_USER_CACHE_DIR")))
+(allow file* (subpath (param "NSURL_CACHE_DIR")))
+
+
+;; Networking
+(if (defined? 'system-network)
+ (system-network)
+ (begin
+ (allow file-read* (literal "/Library/Preferences/com.apple.networkd.plist"))
+ (allow mach-lookup
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.networkd"))
+ (allow network-outbound
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))
+ (allow system-socket
+ (require-all (socket-domain AF_SYSTEM)
+ (socket-protocol 2)) ; SYSPROTO_CONTROL
+ (socket-domain AF_ROUTE))))
+
+(allow network-outbound
+ ;; Local mDNSResponder for DNS, arbitrary outbound TCP
+ (literal "/private/var/run/mDNSResponder")
+ (remote tcp))
+
+
+;; Open and Save panels
+(define (webkit-powerbox)
+ (allow file-read* file-write* (extension "com.apple.app-sandbox.read-write"))
+ (allow file-issue-extension
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))))
+
+;; Printing
+(define (webkit-printing)
+ (allow network-outbound (literal "/private/var/run/cupsd"))
+ (allow mach-lookup
+ (global-name "com.apple.printuitool.agent")
+ (global-name "com.apple.printtool.agent")
+ (global-name "com.apple.printtool.daemon"))
+ (allow file-read*
+ (home-literal "/.cups/lpoptions")
+ (home-literal "/.cups/client.conf")
+ (literal "/private/etc/cups/client.conf")
+ (literal "/private/etc/cups/lpoptions")
+ (subpath "/private/etc/cups/ppd")
+ (subpath "/private/var/run/cupsd")
+ (home-literal "/Library/Preferences/org.cups.PrintingPrefs.plist")))
+
+;; Text Services Manager
+(allow iokit-set-properties (iokit-property "CapsLockDelayOverride"))
+
+;; Image Capture
+(define (webkit-imagecapture)
+ (allow appleevent-send (appleevent-destination "com.apple.imagecaptureextension2")))
+
+(allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^AudioIO")
+ (ipc-posix-name-regex #"^CFPBS:")
+ (ipc-posix-name "_CS_GSHMEMLOCK")
+ (ipc-posix-name "_CS_DSHMEMLOCK"))
+
+(allow ipc-posix-shm-read*
+ (ipc-posix-name "apple.shm.notification_center"))
+
+;; Silently block access to some resources
+(deny file-read* file-write* (with no-log)
+ (home-regex #"/Library/Preferences/com\.apple\.internetconfigpriv\.plist")
+ (home-regex #"/Library/Preferences/com\.apple\.internetconfig\.plist")
+
+ ;; FIXME: Should be removed after <rdar://problem/9422957> is fixed.
+ (home-literal "/Library/Caches/Cache.db")
+
+ ;; FIXME: Should be removed after <rdar://problem/10463881> is fixed.
+ (home-literal "/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2")
+ (home-literal "/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2-journal"))
+
+(deny mach-lookup (with no-log)
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.coreservices.appleevents")
+ (global-name "com.apple.dock.server")
+ (global-name-regex #"^com\.apple\.distributed_notifications"))
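Review bot: Under `(allow file* ...)`, `(home-regex #"/Library/Preferences/com\.apple\.WebKit\.PluginProcess\.plist")` has no trailing `$`, so it grants full file access to every path under the home directory that begins with that prefix, not only the one plist. The `ByHost` patterns in `shared-preferences-read` do end in `$`, so the difference looks unintentional, though it may be deliberate to cover temporary files written next to the plist. Either anchor it, `(home-regex #"/Library/Preferences/com\.apple\.WebKit\.PluginProcess\.plist$")`, or add a comment saying why the suffix is left open. The same question applies to `(regex #"^/Library/Preferences/com\.apple\.security")` in the read-only list.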
Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.ist.ds.appleconnect.webplugin.sb (0 => 148902)
--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.ist.ds.appleconnect.webplugin.sb (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.ist.ds.appleconnect.webplugin.sb 2013-04-22 19:47:57 UTC (rev 148902)
@@ -0,0 +1,37 @@
+(allow mach-lookup
+ (global-name "com.apple.ist.ds.appleconnect2.service.admin")
+ (global-name "com.apple.ist.ds.appleconnect2.service.agent")
+ (global-name "com.apple.ist.ds.appleconnect2.service.kdctunnelcontroller")
+ (global-name "com.apple.ist.ds.appleconnect2.service.menuextra")
+ (global-name "org.h5l.kcm"))
+;; FIXME: This is explicitly being called out <rdar://problem/13481170>
+(deny mach-lookup
+ (global-name-regex #"^com\.apple\.ist\.ds\.appleconnect2\.service\..*\[[0-9]+\]$"))
+(allow mach-lookup
+ (global-name-regex #"^com\.apple\.ist\.ds\.appleconnect2\.service\.PluginProcess\[[0-9]+\]$"))
+
+(shared-preferences-read
+ "com.apple.GSS"
+ "com.apple.ist.ds.appleconnect2"
+ "com.apple.ist.ds.appleconnect2.acceptanceTest"
+ "com.apple.ist.ds.appleconnect2.production"
+ "com.apple.ist.ds.appleconnect2.uat"
+ "com.apple.Kerberos"
+ "edu.mit.Kerberos")
+
+(allow file-read*
+ (subpath "/Library/KerberosPlugins/GSSAPI")
+ (literal "/Library/Preferences/edu.mit.Kerberos")
+ (home-literal "/Library/Preferences/edu.mit.Kerberos"))
+
+(allow file-read*
+ (literal "/private/etc/services"))
+
+(if (defined? 'mach-register)
+ (allow mach-register
+ (global-name-regex #"^com\.apple\.ist\.ds\.appleconnect2\.service\.PluginProcess\[[0-9]+\]$")))
+
+(allow network-outbound
+ (remote udp "*:4160" "*:88"))
+(allow network-inbound
+ (local udp))
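Review bot: The `deny`/`allow` pair on `com.apple.ist.ds.appleconnect2.service.*[pid]` only gives the intended result if the later, narrower `allow` takes precedence over the broader `deny` before it. The comment above it (`FIXME: This is explicitly being called out`) explains neither the intent nor that ordering requirement. A replacement such as `;; Deny per-process AppleConnect service names, then re-allow only PluginProcess[pid]; keep the allow after the deny.` would stop a later reorder from silently changing the policy. Also, `(allow network-inbound (local udp))` is unfiltered while the outbound rule is limited to `"*:4160" "*:88"`; if inbound is needed only for replies, a comment should say so.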
Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player.plugin.sb (0 => 148902)
--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player.plugin.sb (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.macromedia.Flash Player.plugin.sb 2013-04-22 19:47:57 UTC (rev 148902)
@@ -0,0 +1,18 @@
+(allow ipc-posix-sem (ipc-posix-name "MacromediaSemaphoreDig"))
+
+(allow file-read*
+ (home-literal "/mm.cfg")
+ (home-literal "/mms.cfg"))
+
+(deny file-read-xattr (with no-log)
+ (home-literal "/Library/Caches")
+ (home-literal "/Library/Preferences"))
+
+(allow file-read* file-write-create file-write-mode
+ (home-literal "/Library/Caches/Adobe")
+ (home-literal "/Library/Preferences/Macromedia"))
+
+(allow file-read* file-write*
+ (literal "/Library/Application Support/Macromedia/mms.cfg")
+ (home-subpath "/Library/Caches/Adobe/Flash Player")
+ (home-subpath "/Library/Preferences/Macromedia/Flash Player"))
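Review bot: The last rule grants `file-write*` on `(literal "/Library/Application Support/Macromedia/mms.cfg")`, a machine-wide file outside the user's home, while the per-user `mm.cfg` and `mms.cfg` a few lines above are read-only. Unless the plug-in is known to need to rewrite that file (the diff does not show it), move the literal into the `(allow file-read* ...)` block next to `(home-literal "/mms.cfg")`. That keeps the sandboxed process from changing configuration that applies to every user. If write access is required, a comment should state why.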
Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.microsoft.SilverlightPlugin.sb (0 => 148902)
--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.microsoft.SilverlightPlugin.sb (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.microsoft.SilverlightPlugin.sb 2013-04-22 19:47:57 UTC (rev 148902)
@@ -0,0 +1,22 @@
+(allow iokit-open
+ (iokit-user-client-class "IOHIDLibUserClient")
+ (iokit-user-client-class "IOBluetoothHCIUserClient"))
+
+(shared-preferences-read
+ "com.microsoft.PlayReady"
+ "com.microsoft.autoupdate2")
+(shared-preferences-read-write "com.microsoft.silverlight")
+
+(allow file-write-create
+ (home-literal "/Library/Application Support/Microsoft"))
+
+(allow file-read* file-write*
+ ;; Sigh, mode 777 in /Library.
+ (subpath "/Library/Application Support/Microsoft/PlayReady")
+ (home-subpath "/Library/Application Support/Microsoft/PlayReady")
+ (home-subpath "/Library/Application Support/Microsoft/Silverlight")
+ (home-subpath "/Library/Caches/TemporaryItems"))
+
+;; FIXME: <rdar://problem/13636078>
+(allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^CoreCLR_"))
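Review bot: `(allow iokit-open ...)` at the top opens `IOHIDLibUserClient` and `IOBluetoothHCIUserClient` with no comment, and neither appears in the common profile's IOKit list. A reader cannot tell which plug-in feature needs HID and Bluetooth controller user clients. Add a rationale above the rule, e.g. `;; Needed for <feature placeholder>; see <bug id placeholder>`, in the same way the other exceptions in these profiles carry a `FIXME: <rdar://...>` line. The `;; Sigh, mode 777 in /Library.` comment would also be clearer if it named which of the four paths it refers to.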
Added: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.oracle.java.JavaAppletPlugin.sb (0 => 148902)
--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.oracle.java.JavaAppletPlugin.sb (rev 0)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.oracle.java.JavaAppletPlugin.sb 2013-04-22 19:47:57 UTC (rev 148902)
@@ -0,0 +1,37 @@
+(allow signal network-inbound)
+(allow process-fork)
+(allow process-exec
+ (subpath "/System/Library/Java/JavaVirtualMachines")
+ (subpath "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin"))
+
+(allow mach-lookup (global-name "com.apple.coreservices.launchservicesd"))
+
+(allow file-read*
+ (literal "/dev/fd")
+ (literal "/usr/bin")
+ (literal "/private/etc/hosts")
+ (subpath "/Library/Java")
+ (subpath "/System/Library/Java"))
+
+(shared-preferences-read
+ "com.apple.java.JavaPreferences"
+ "com.apple.java.util.prefs")
+(shared-preferences-read-write "com.oracle.javadeployment.plist")
+
+(allow file-read* file-write*
+ (home-subpath "/Library/Saved Application State/net.java.openjdk.cmd.savedState")
+ (home-subpath "/Library/Application Support/Oracle/Java/Deployment")
+ (home-subpath "/Library/Caches/Java"))
+
+(allow file-write-create
+ (home-literal "/Library/Application Support/Oracle")
+ (home-literal "/Library/Application Support/Oracle/Java"))
+
+(allow network-bind network-outbound (subpath (param "DARWIN_USER_TEMP_DIR")))
+
+(deny mach-lookup (with no-log)
+ (global-name "com.apple.ls.boxd")
+ (global-name-regex #"^PlaceHolderServerName-"))
+
+(deny job-creation (with no-log))
+(deny file-write* (with no-log) (subpath "/Library/Application Support/Oracle"))
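Review bot: `(allow signal network-inbound)` on the first line permits signals with no target filter, in a profile that also allows `process-fork` and `process-exec`. If the plug-in only signals itself, `(allow signal (target self))` is enough; if it must signal the JVM processes it spawns, a comment should say so. Separately, `(shared-preferences-read-write "com.oracle.javadeployment.plist")` passes a domain that already ends in `.plist` to a helper in the common profile that appends `".plist"`, so the file rules resolve to `com.oracle.javadeployment.plist.plist`. Unless the preference domain really carries that suffix, the argument should be `"com.oracle.javadeployment"`.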
Modified: trunk/Source/WebKit2/UIProcess/Plugins/mac/PluginProcessProxyMac.mm (148901 => 148902)
--- trunk/Source/WebKit2/UIProcess/Plugins/mac/PluginProcessProxyMac.mm 2013-04-22 19:37:01 UTC (rev 148901)
+++ trunk/Source/WebKit2/UIProcess/Plugins/mac/PluginProcessProxyMac.mm 2013-04-22 19:47:57 UTC (rev 148902)
@@ -53,8 +53,6 @@
@end
-NSString * const WebKit2PlugInSandboxProfileDirectoryPathKey = @"WebKit2PlugInSandboxProfileDirectoryPath";
-
using namespace WebCore;
namespace WebKit {
@@ -140,14 +138,8 @@
{
launchOptions.architecture = pluginInfo.pluginArchitecture;
launchOptions.executableHeap = PluginProcessProxy::pluginNeedsExecutableHeap(pluginInfo);
-
launchOptions.extraInitializationData.add("plugin-path", pluginInfo.path);
- // FIXME: We should rip this out once we have a good place to install plug-in sandbox profiles.
- NSString* sandboxProfileDirectoryPath = [[NSUserDefaults standardUserDefaults] stringForKey:WebKit2PlugInSandboxProfileDirectoryPathKey];
- if (sandboxProfileDirectoryPath)
- launchOptions.extraInitializationData.add("sandbox-profile-directory-path", String(sandboxProfileDirectoryPath));
-
#if HAVE(XPC)
launchOptions.useXPC = shouldUseXPC();
#endif
Modified: trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj (148901 => 148902)
--- trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj 2013-04-22 19:37:01 UTC (rev 148901)
+++ trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj 2013-04-22 19:47:57 UTC (rev 148902)
@@ -11,7 +11,7 @@
isa = PBXAggregateTarget;
buildConfigurationList = 1A50DB48110A3C27000D3FE5 /* Build configuration list for PBXAggregateTarget "All" */;
buildPhases = (
- 1A50DB70110A3D67000D3FE5 /* CopyFiles */,
+ 1A50DB70110A3D67000D3FE5 /* Copy Files */,
BCFFCA8A160D6DEA003DF315 /* Add XPCServices symlink */,
BCFFCA8B160D6E7B003DF315 /* Copy XPC services for engineering builds */,
);
@@ -146,7 +146,7 @@
1A4A9C5612B816CF008FE984 /* NetscapePluginModule.h in Headers */ = {isa = PBXBuildFile; fileRef = 1A4A9C5412B816CF008FE984 /* NetscapePluginModule.h */; };
1A4A9C9A12B821CD008FE984 /* NetscapePluginModuleMac.mm in Sources */ = {isa = PBXBuildFile; fileRef = 1A4A9C9912B821CD008FE984 /* NetscapePluginModuleMac.mm */; };
1A4A9F3312B844E2008FE984 /* PluginQuirks.h in Headers */ = {isa = PBXBuildFile; fileRef = 1A4A9F3112B844E2008FE984 /* PluginQuirks.h */; };
- 1A50DB66110A3D57000D3FE5 /* WebProcess.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 1A50DB1E110A3BDC000D3FE5 /* WebProcess.app */; };
+ 1A50DB66110A3D57000D3FE5 /* WebProcess.app in Copy Files */ = {isa = PBXBuildFile; fileRef = 1A50DB1E110A3BDC000D3FE5 /* WebProcess.app */; };
1A594ABA112A1FB6009DE7C7 /* WebUIClient.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1A594AB8112A1FB6009DE7C7 /* WebUIClient.cpp */; };
1A594ABB112A1FB6009DE7C7 /* WebUIClient.h in Headers */ = {isa = PBXBuildFile; fileRef = 1A594AB9112A1FB6009DE7C7 /* WebUIClient.h */; };
1A5E4DA412D3BD3D0099A2BB /* TextCheckerState.h in Headers */ = {isa = PBXBuildFile; fileRef = 1A5E4DA312D3BD3D0099A2BB /* TextCheckerState.h */; };
@@ -404,7 +404,7 @@
51021E9C12B16788005C033C /* WebContextMenuClientMac.mm in Sources */ = {isa = PBXBuildFile; fileRef = 51021E9B12B16788005C033C /* WebContextMenuClientMac.mm */; };
510AFFB916542048001BA05E /* WebResourceLoader.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 510AFFB716542048001BA05E /* WebResourceLoader.cpp */; };
510AFFBA16542048001BA05E /* WebResourceLoader.h in Headers */ = {isa = PBXBuildFile; fileRef = 510AFFB816542048001BA05E /* WebResourceLoader.h */; };
- 510CC8491613C85C00D03ED3 /* NetworkProcess.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 510CC80E1613C79900D03ED3 /* NetworkProcess.app */; };
+ 510CC8491613C85C00D03ED3 /* NetworkProcess.app in Copy Files */ = {isa = PBXBuildFile; fileRef = 510CC80E1613C79900D03ED3 /* NetworkProcess.app */; };
510FBB9A1288C95E00AFFDF4 /* WebContextMenuItemData.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 510FBB981288C95E00AFFDF4 /* WebContextMenuItemData.cpp */; };
510FBB9B1288C95E00AFFDF4 /* WebContextMenuItemData.h in Headers */ = {isa = PBXBuildFile; fileRef = 510FBB991288C95E00AFFDF4 /* WebContextMenuItemData.h */; };
5110AE0C133C16CB0072717A /* WKIconDatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5110AE0A133C16CB0072717A /* WKIconDatabase.cpp */; };
@@ -569,6 +569,12 @@
762B748D120BC75C00819339 /* WKPreferencesPrivate.h in Headers */ = {isa = PBXBuildFile; fileRef = 762B7484120BBA2D00819339 /* WKPreferencesPrivate.h */; settings = {ATTRIBUTES = (Private, ); }; };
7801C099142290C400FAF9AF /* WebHitTestResult.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 7801C095142290C400FAF9AF /* WebHitTestResult.cpp */; };
7801C09A142290C400FAF9AF /* WebHitTestResult.h in Headers */ = {isa = PBXBuildFile; fileRef = 7801C096142290C400FAF9AF /* WebHitTestResult.h */; };
+ 7CB16FEF1724BA23007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE21724B9B5007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb */; };
+ 7CB16FF01724BA24007A0A95 /* com.apple.QuickTime Plugin.plugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */; };
+ 7CB16FF11724BA26007A0A95 /* com.apple.WebKit.plugin-common.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */; };
+ 7CB16FF21724BA28007A0A95 /* com.macromedia.Flash Player.plugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */; };
+ 7CB16FF31724BA2F007A0A95 /* com.microsoft.SilverlightPlugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */; };
+ 7CB16FF41724BA30007A0A95 /* com.oracle.java.JavaAppletPlugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */; };
8CFECE941490F140002AAA32 /* EditorState.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 8CFECE931490F140002AAA32 /* EditorState.cpp */; };
8DC2EF530486A6940098B216 /* InfoPlist.strings in Resources */ = {isa = PBXBuildFile; fileRef = 089C1666FE841158C02AAC07 /* InfoPlist.strings */; };
909854EC12BC4E17000AD080 /* WebMemorySampler.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 905620E812BC248B000799B6 /* WebMemorySampler.cpp */; };
@@ -918,7 +924,7 @@
BCAF35E816CA253B00D4E9FC /* OfflineStorageProcessCreationParameters.cpp in Sources */ = {isa = PBXBuildFile; fileRef = BCAF35E616CA253B00D4E9FC /* OfflineStorageProcessCreationParameters.cpp */; };
BCAF35E916CA253B00D4E9FC /* OfflineStorageProcessCreationParameters.cpp in Sources */ = {isa = PBXBuildFile; fileRef = BCAF35E616CA253B00D4E9FC /* OfflineStorageProcessCreationParameters.cpp */; };
BCAF35EA16CA253B00D4E9FC /* OfflineStorageProcessCreationParameters.h in Headers */ = {isa = PBXBuildFile; fileRef = BCAF35E716CA253B00D4E9FC /* OfflineStorageProcessCreationParameters.h */; };
- BCAF361B16CA285400D4E9FC /* OfflineStorageProcess.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = BCAF359A16CA1D5700D4E9FC /* OfflineStorageProcess.app */; };
+ BCAF361B16CA285400D4E9FC /* OfflineStorageProcess.app in Copy Files */ = {isa = PBXBuildFile; fileRef = BCAF359A16CA1D5700D4E9FC /* OfflineStorageProcess.app */; };
BCAF361C16CA286700D4E9FC /* com.apple.WebKit.OfflineStorage.sb in Resources */ = {isa = PBXBuildFile; fileRef = BCAF361516CA274000D4E9FC /* com.apple.WebKit.OfflineStorage.sb */; };
BCAF361D16CA28C100D4E9FC /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = BC3DE46815A91763008D26FC /* Foundation.framework */; };
BCAF361E16CA28C500D4E9FC /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = BC3DE46815A91763008D26FC /* Foundation.framework */; };
@@ -1003,7 +1009,7 @@
BCDE059B11CDA8AE00E41AF1 /* WebContextInjectedBundleClient.h in Headers */ = {isa = PBXBuildFile; fileRef = BCDE059911CDA8AE00E41AF1 /* WebContextInjectedBundleClient.h */; };
BCDE059C11CDA8AE00E41AF1 /* WebContextInjectedBundleClient.cpp in Sources */ = {isa = PBXBuildFile; fileRef = BCDE059A11CDA8AE00E41AF1 /* WebContextInjectedBundleClient.cpp */; };
BCDE093D13272496001259FB /* PluginProcessShim.dylib in Copy Plug-in Process Shim */ = {isa = PBXBuildFile; fileRef = 1AC25FB012A48EA700BD2671 /* PluginProcessShim.dylib */; };
- BCDE0ABF13272708001259FB /* PluginProcess.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = BCDE094213272496001259FB /* PluginProcess.app */; };
+ BCDE0ABF13272708001259FB /* PluginProcess.app in Copy Files */ = {isa = PBXBuildFile; fileRef = BCDE094213272496001259FB /* PluginProcess.app */; };
BCE0937714FB128C001138D9 /* LayerHostingContext.mm in Sources */ = {isa = PBXBuildFile; fileRef = BCE0937514FB128B001138D9 /* LayerHostingContext.mm */; };
BCE0937814FB128C001138D9 /* LayerHostingContext.h in Headers */ = {isa = PBXBuildFile; fileRef = BCE0937614FB128B001138D9 /* LayerHostingContext.h */; };
BCE0E425168B7A280057E66A /* WebProcessSupplement.h in Headers */ = {isa = PBXBuildFile; fileRef = BCE0E424168B7A280057E66A /* WebProcessSupplement.h */; };
@@ -1340,17 +1346,18 @@
/* End PBXContainerItemProxy section */
/* Begin PBXCopyFilesBuildPhase section */
- 1A50DB70110A3D67000D3FE5 /* CopyFiles */ = {
+ 1A50DB70110A3D67000D3FE5 /* Copy Files */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
dstPath = WebKit2.framework;
dstSubfolderSpec = 1;
files = (
- 510CC8491613C85C00D03ED3 /* NetworkProcess.app in CopyFiles */,
- BCDE0ABF13272708001259FB /* PluginProcess.app in CopyFiles */,
- 1A50DB66110A3D57000D3FE5 /* WebProcess.app in CopyFiles */,
- BCAF361B16CA285400D4E9FC /* OfflineStorageProcess.app in CopyFiles */,
+ 510CC8491613C85C00D03ED3 /* NetworkProcess.app in Copy Files */,
+ BCDE0ABF13272708001259FB /* PluginProcess.app in Copy Files */,
+ 1A50DB66110A3D57000D3FE5 /* WebProcess.app in Copy Files */,
+ BCAF361B16CA285400D4E9FC /* OfflineStorageProcess.app in Copy Files */,
);
+ name = "Copy Files";
runOnlyForDeploymentPostprocessing = 0;
};
5183B38F1379F56800E8754E /* Copy Sec Item Shim */ = {
@@ -1375,6 +1382,22 @@
name = "Copy Message Generation Scripts";
runOnlyForDeploymentPostprocessing = 0;
};
+ 7CB16FEE1724BA05007A0A95 /* Copy Plug-in Sandbox Profiles */ = {
+ isa = PBXCopyFilesBuildPhase;
+ buildActionMask = 2147483647;
+ dstPath = PlugInSandboxProfiles;
+ dstSubfolderSpec = 7;
+ files = (
+ 7CB16FEF1724BA23007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb in Copy Plug-in Sandbox Profiles */,
+ 7CB16FF01724BA24007A0A95 /* com.apple.QuickTime Plugin.plugin.sb in Copy Plug-in Sandbox Profiles */,
+ 7CB16FF21724BA28007A0A95 /* com.macromedia.Flash Player.plugin.sb in Copy Plug-in Sandbox Profiles */,
+ 7CB16FF31724BA2F007A0A95 /* com.microsoft.SilverlightPlugin.sb in Copy Plug-in Sandbox Profiles */,
+ 7CB16FF41724BA30007A0A95 /* com.oracle.java.JavaAppletPlugin.sb in Copy Plug-in Sandbox Profiles */,
+ 7CB16FF11724BA26007A0A95 /* com.apple.WebKit.plugin-common.sb in Copy Plug-in Sandbox Profiles */,
+ );
+ name = "Copy Plug-in Sandbox Profiles";
+ runOnlyForDeploymentPostprocessing = 0;
+ };
BCDE093C13272496001259FB /* Copy Plug-in Process Shim */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
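Review bot: The six profiles in the new `Copy Plug-in Sandbox Profiles` phase are listed by hand in its `files` list and again in the `PlugInSandboxProfiles` group further down, and nothing checks that the two lists or the directory on disk stay in step. A `.sb` file later added under `Resources/PlugInSandboxProfiles` but not to this list would not reach the bundle. The ChangeLog says lookup is now limited to the WebKit2 bundle and /System/Library/Sandbox/Profiles/, so whether that plug-in still runs sandboxed depends on how the plug-in process handles a missing profile (presumably in PluginProcessMac.mm, which is not visible in this hunk). Consider copying the directory as a single folder reference instead of six file entries, or adding a build-time check that fails when a profile in the source directory is absent from the built `PlugInSandboxProfiles` folder.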
@@ -1994,6 +2017,12 @@
762B7484120BBA2D00819339 /* WKPreferencesPrivate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKPreferencesPrivate.h; sourceTree = "<group>"; };
7801C095142290C400FAF9AF /* WebHitTestResult.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebHitTestResult.cpp; sourceTree = "<group>"; };
7801C096142290C400FAF9AF /* WebHitTestResult.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebHitTestResult.h; sourceTree = "<group>"; };
+ 7CB16FE21724B9B5007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.ist.ds.appleconnect.webplugin.sb; sourceTree = "<group>"; };
+ 7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.QuickTime Plugin.plugin.sb"; sourceTree = "<group>"; };
+ 7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.WebKit.plugin-common.sb"; sourceTree = "<group>"; };
+ 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.macromedia.Flash Player.plugin.sb"; sourceTree = "<group>"; };
+ 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.microsoft.SilverlightPlugin.sb; sourceTree = "<group>"; };
+ 7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.oracle.java.JavaAppletPlugin.sb; sourceTree = "<group>"; };
8CFECE931490F140002AAA32 /* EditorState.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = EditorState.cpp; sourceTree = "<group>"; };
8DC2EF5A0486A6940098B216 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
8DC2EF5B0486A6940098B216 /* WebKit2.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = WebKit2.framework; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -2862,6 +2891,7 @@
089C1665FE841158C02AAC07 /* Resources */ = {
isa = PBXGroup;
children = (
+ 7CB16FE11724B9B5007A0A95 /* PlugInSandboxProfiles */,
6D8A91A511F0EFD100DD01FE /* com.apple.WebProcess.sb.in */,
1CBC945D16515ED200D68AAE /* DockBottom.pdf */,
1CB75C931701E880009F809F /* DockRight.pdf */,
@@ -3700,6 +3730,20 @@
name = mac;
sourceTree = "<group>";
};
+ 7CB16FE11724B9B5007A0A95 /* PlugInSandboxProfiles */ = {
+ isa = PBXGroup;
+ children = (
+ 7CB16FE21724B9B5007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb */,
+ 7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */,
+ 7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */,
+ 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */,
+ 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */,
+ 7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */,
+ );
+ name = PlugInSandboxProfiles;
+ path = Resources/PlugInSandboxProfiles;
+ sourceTree = "<group>";
+ };
9394AE411702B25B00344232 /* mac */ = {
isa = PBXGroup;
children = (
@@ -5759,6 +5803,7 @@
buildPhases = (
8DC2EF500486A6940098B216 /* Headers */,
8DC2EF520486A6940098B216 /* Resources */,
+ 7CB16FEE1724BA05007A0A95 /* Copy Plug-in Sandbox Profiles */,
5D1A239015E75B100023E981 /* Copy Message Generation Scripts */,
5D1A239215E760590023E981 /* Remove Compiled Python Files */,
8DC2EF540486A6940098B216 /* Sources */,