[webkit-changes] [WebKit/WebKit] f8504a: Tighten webpushd sandbox on iOS
bnham
noreply at github.com
Tue Jan 17 17:54:17 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: f8504aca74602bb8976581c31e3294abb2228b07
https://github.com/WebKit/WebKit/commit/f8504aca74602bb8976581c31e3294abb2228b07
Author: Ben Nham <nham at apple.com>
Date: 2023-01-17 (Tue, 17 Jan 2023)
Changed paths:
M Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.webpushd.sb.in
Log Message:
-----------
Tighten webpushd sandbox on iOS
https://bugs.webkit.org/show_bug.cgi?id=250728
rdar://103494644
Reviewed by Brady Eidson and Per Arne Vollan.
This changes the default sandbox policy for webpushd from allow to deny. It also grants access to
the service "com.apple.lsd.open", which is necessary to launch the app after clicking on a
notification.
* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.webpushd.sb.in:
Canonical link: https://commits.webkit.org/259014@main
More information about the webkit-changes
mailing list