[webkit-changes] [WebKit/WebKit] 5ab76c: Add webpushd iOS sandbox
bnham
noreply at github.com
Fri Dec 16 20:20:02 PST 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 5ab76c736b677f30be2693170b9ce4cee662b1dc
https://github.com/WebKit/WebKit/commit/5ab76c736b677f30be2693170b9ce4cee662b1dc
Author: Ben Nham <nham at apple.com>
Date: 2022-12-16 (Fri, 16 Dec 2022)
Changed paths:
M Source/WebKit/DerivedSources-input.xcfilelist
M Source/WebKit/DerivedSources-output.xcfilelist
M Source/WebKit/DerivedSources.make
A Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.webpushd.sb.in
M Source/WebKit/Scripts/process-entitlements.sh
M Source/WebKit/WebKit.xcodeproj/project.pbxproj
Log Message:
-----------
Add webpushd iOS sandbox
https://bugs.webkit.org/show_bug.cgi?id=249436
rdar://103410333
Reviewed by Brady Eidson.
This adds a sandbox profile for webpushd on iOS. It allows standard system operations, reading and
writing to the PushDatabase, interacting with apsd, and interacting with LaunchServices.
For now, the sandbox defaults to allowing all operations with symbolication, but we'll change the
default to deny once we're sure these rules are sufficient.
* Source/WebKit/DerivedSources-input.xcfilelist:
* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.webpushd.sb.in: Added.
* Source/WebKit/Scripts/process-entitlements.sh:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
Canonical link: https://commits.webkit.org/258033@main
More information about the webkit-changes
mailing list