Title: [171113] trunk/Source/WebKit2
- Revision
- 171113
- Author
- oli...@apple.com
- Date
- 2014-07-15 13:31:50 -0700 (Tue, 15 Jul 2014)
Log Message
More tidying of the webcontent sandbox profile
https://bugs.webkit.org/show_bug.cgi?id=134938
Reviewed by Alexey Proskuryakov.
Remove some excessive abilities from the profile and make
the required ones explicit.
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (171112 => 171113)
--- trunk/Source/WebKit2/ChangeLog 2014-07-15 19:41:32 UTC (rev 171112)
+++ trunk/Source/WebKit2/ChangeLog 2014-07-15 20:31:50 UTC (rev 171113)
@@ -1,3 +1,15 @@
+2014-07-15 Oliver Hunt <oli...@apple.com>
+
+ More tidying of the webcontent sandbox profile
+ https://bugs.webkit.org/show_bug.cgi?id=134938
+
+ Reviewed by Alexey Proskuryakov.
+
+ Remove some excessive abilities from the profile and make
+ the required ones explicit.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
2014-07-14 Andreas Kling <akl...@apple.com>
[iOS] Don't progressively re-render tiles while pinch-zooming under memory pressure.
Modified: trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (171112 => 171113)
--- trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2014-07-15 19:41:32 UTC (rev 171112)
+++ trunk/Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2014-07-15 20:31:50 UTC (rev 171113)
@@ -29,7 +29,7 @@
(import "removed-dev-nodes.sb")
(import "apple-UI-apps.sb")
-(apple-ui-app "com.apple.WebKit.WebContent" 'with-webkit 'with-opengl)
+(apple-ui-app "com.apple.WebKit.WebContent" 'with-opengl)
(opengl)
;; Access CFNetwork shared cookies
@@ -87,7 +87,10 @@
;; Various services required by CFNetwork and other frameworks
(allow mach-lookup
- (global-name "com.apple.PowerManagement.control"))
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.accountsd.accountmanager"))
(deny file-write-create (vnode-type SYMLINK))
(deny file-read-xattr file-write-xattr (xattr-regex #"^com\.apple\.security\.private\."))
+
+(network-client (remote tcp))
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes