<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[208589] trunk/Source/WebKit2</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/208589">208589</a></dd>
<dt>Author</dt> <dd>bfulgham@apple.com</dd>
<dt>Date</dt> <dd>2016-11-11 09:18:53 -0800 (Fri, 11 Nov 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Remove unused FontService from sandbox profile
https://bugs.webkit.org/show_bug.cgi?id=164625
&lt;rdar://problem/26899976&gt;
Reviewed by Alex Christensen.
Part of some general sandbox profile gardening.
Convert the Plugin process sandbox into
* Configurations/WebKit.xcconfig: Add exclude for com.apple.WebKit.plugin-common.sb.in.
* DerivedSources.make: Update to generate com.apple.WebKit.plugin-common.sb from .in file
* PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in: Copied from Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb.
* Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb: Removed.
* WebKit2.xcodeproj/project.pbxproj: Update for new .in file.
* WebProcess/com.apple.WebProcess.sb.in: Remove com.apple.FontServer
from macOS Sierra and newer.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsWebKitxcconfig">trunk/Source/WebKit2/Configurations/WebKit.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2DerivedSourcesmake">trunk/Source/WebKit2/DerivedSources.make</a></li>
<li><a href="#trunkSourceWebKit2WebKit2xcodeprojprojectpbxproj">trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceWebKit2WebProcesscomappleWebProcesssbin">trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2PluginProcessmaccomappleWebKitplugincommonsbin">trunk/Source/WebKit2/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in</a></li>
</ul>
<h3>Removed Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2ResourcesPlugInSandboxProfilescomappleWebKitplugincommonsb">trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (208588 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog        2016-11-11 16:50:57 UTC (rev 208588)
+++ trunk/Source/WebKit2/ChangeLog        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -1,3 +1,23 @@
</span><ins>+2016-11-10 Brent Fulgham <bfulgham@apple.com>
+
+ Remove unused FontService from sandbox profile
+ https://bugs.webkit.org/show_bug.cgi?id=164625
+ <rdar://problem/26899976>
+
+ Reviewed by Alex Christensen.
+
+ Part of some general sandbox profile gardening.
+
+ Convert the Plugin process sandbox into
+
+ * Configurations/WebKit.xcconfig: Add exclude for com.apple.WebKit.plugin-common.sb.in.
+ * DerivedSources.make: Update to generate com.apple.WebKit.plugin-common.sb from .in file
+ * PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in: Copied from Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb.
+ * Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb: Removed.
+ * WebKit2.xcodeproj/project.pbxproj: Update for new .in file.
+ * WebProcess/com.apple.WebProcess.sb.in: Remove com.apple.FontServer
+ from macOS Sierra and newer.
+
</ins><span class="cx"> 2016-11-10 Eric Carlson <eric.carlson@apple.com>
</span><span class="cx">
</span><span class="cx"> [MediaStream] apply constraints passed to getUserMedia()
</span></span></pre></div>
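Review bot: the sentence "Convert the Plugin process sandbox into" in the new ChangeLog entry stops mid-phrase, so the entry never states what the plugin profile is converted into. Please complete it, and note in the per-file line that com.apple.WebKit.plugin-common.sb.in is not a verbatim copy: the entry says "Copied from", but the hunk headers on this page show 415 lines added against 413 removed.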
<a id="trunkSourceWebKit2ConfigurationsWebKitxcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/WebKit.xcconfig (208588 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/WebKit.xcconfig        2016-11-11 16:50:57 UTC (rev 208588)
+++ trunk/Source/WebKit2/Configurations/WebKit.xcconfig        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -52,7 +52,7 @@
</span><span class="cx"> SECTORDER_FLAGS_Production[sdk=iphoneos*] = -Wl,-order_file,$(SDKROOT)/AppleInternal/OrderFiles/WebKit.order;
</span><span class="cx"> SECTORDER_FLAGS_Production[sdk=macosx*] = -Wl,-order_file,mac/WebKit2.order;
</span><span class="cx">
</span><del>-EXCLUDED_SOURCE_FILE_NAMES[sdk=iphone*] = PluginProcessShim.dylib SecItemShim.dylib WebProcessShim.dylib *.pdf Resources/mac/* com.apple.WebKit.Databases.sb com.apple.WebKit.NetworkProcess.sb com.apple.WebProcess.sb PlugInSandboxProfiles/*.sb;
</del><ins>+EXCLUDED_SOURCE_FILE_NAMES[sdk=iphone*] = PluginProcessShim.dylib SecItemShim.dylib WebProcessShim.dylib *.pdf Resources/mac/* com.apple.WebKit.Databases.sb com.apple.WebKit.NetworkProcess.sb com.apple.WebProcess.sb com.apple.WebKit.plugin-common.sb PlugInSandboxProfiles/*.sb;
</ins><span class="cx">
</span><span class="cx"> INSTALLHDRS_SCRIPT_PHASE = YES;
</span><span class="cx">
</span></span></pre></div>
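Review bot: the name added to the EXCLUDED_SOURCE_FILE_NAMES[sdk=iphone*] line is com.apple.WebKit.plugin-common.sb, while the ChangeLog entry for this file says the exclude is for com.apple.WebKit.plugin-common.sb.in. The .sb spelling matches the neighbouring entries (com.apple.WebProcess.sb, com.apple.WebKit.NetworkProcess.sb), so the ChangeLog wording should be corrected to match what is excluded here.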
<a id="trunkSourceWebKit2DerivedSourcesmake"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/DerivedSources.make (208588 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/DerivedSources.make        2016-11-11 16:50:57 UTC (rev 208588)
+++ trunk/Source/WebKit2/DerivedSources.make        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -203,6 +203,7 @@
</span><span class="cx"> SANDBOX_PROFILES = \
</span><span class="cx">         com.apple.WebProcess.sb \
</span><span class="cx">         com.apple.WebKit.Databases.sb \
</span><ins>+        com.apple.WebKit.plugin-common.sb \
</ins><span class="cx">         com.apple.WebKit.NetworkProcess.sb
</span><span class="cx">
</span><span class="cx"> all: $(SANDBOX_PROFILES)
</span></span></pre></div>
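Review bot: the new SANDBOX_PROFILES entry is the only change in this hunk, so nothing visible here tells make where to find com.apple.WebKit.plugin-common.sb.in, which this revision places under PluginProcess/mac. Please confirm that the search path used by the rule that generates each .sb from its .sb.in covers that directory, or extend it in this change, so the "all" target does not fail on the new profile.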
<a id="trunkSourceWebKit2PluginProcessmaccomappleWebKitplugincommonsbinfromrev208588trunkSourceWebKit2ResourcesPlugInSandboxProfilescomappleWebKitplugincommonsb"></a>
<div class="copfile"><h4>Copied: trunk/Source/WebKit2/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in (from rev 208588, trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb) (0 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in         (rev 0)
+++ trunk/Source/WebKit2/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -0,0 +1,415 @@
</span><ins>+; Copyright (C) 2013-2016 Apple Inc. All rights reserved.
+;
+; Redistribution and use in source and binary forms, with or without
+; modification, are permitted provided that the following conditions
+; are met:
+; 1. Redistributions of source code must retain the above copyright
+; notice, this list of conditions and the following disclaimer.
+; 2. Redistributions in binary form must reproduce the above copyright
+; notice, this list of conditions and the following disclaimer in the
+; documentation and/or other materials provided with the distribution.
+;
+; THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+; THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+; PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+; BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+; SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+; CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+; ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+; THE POSSIBILITY OF SUCH DAMAGE.
+
+(version 1)
+(deny default)
+(allow system-audit file-read-metadata)
+
+(import "system.sb")
+
+;; Utility functions
+(define (home-literal home-relative-literal)
+ (literal (string-append (param "HOME_DIR") home-relative-literal)))
+
+(define (home-library-regex home-library-relative-regex)
+ (regex (string-append "^" (regex-quote (param "HOME_LIBRARY_DIR")) home-library-relative-regex)))
+
+(define (home-library-subpath home-library-relative-subpath)
+ (subpath (string-append (param "HOME_LIBRARY_DIR") home-library-relative-subpath)))
+
+(define (home-library-literal home-library-relative-literal)
+ (literal (string-append (param "HOME_LIBRARY_DIR") home-library-relative-literal)))
+
+(define (home-library-preferences-regex home-library-preferences-relative-regex)
+ (regex (string-append "^" (regex-quote (param "HOME_LIBRARY_PREFERENCES_DIR")) home-library-preferences-relative-regex)))
+
+(define (home-library-preferences-subpath home-library-preferences-relative-subpath)
+ (subpath (string-append (param "HOME_LIBRARY_PREFERENCES_DIR") home-library-preferences-relative-subpath)))
+
+(define (home-library-preferences-literal home-library-preferences-relative-literal)
+ (literal (string-append (param "HOME_LIBRARY_PREFERENCES_DIR") home-library-preferences-relative-literal)))
+
+(define (shared-preferences-read . domains)
+ (for-each (lambda (domain)
+ (begin
+ (if (defined? `user-preference-read)
+ (allow user-preference-read (preference-domain domain)))
+ ; (Temporary) backward compatibility with non-CFPreferences readers.
+ (allow file-read*
+ (literal (string-append "/Library/Preferences/" domain ".plist"))
+ (home-library-preferences-literal (string-append "/" domain ".plist"))
+ (home-library-preferences-regex (string-append #"/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
+ domains))
+
+(define (shared-preferences-read-write . domains)
+ (for-each (lambda (domain)
+ (begin
+ (if (defined? `user-preference-write)
+ (allow user-preference-read user-preference-write (preference-domain domain)))
+ ; (Temporary) backward compatibility with non-CFPreferences readers / writers.
+ (allow file-read* file-write*
+ (literal (string-append "/Library/Preferences/" domain ".plist"))
+ (home-library-preferences-literal (string-append "/" domain ".plist"))
+ (home-library-preferences-regex (string-append #"/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
+ domains))
+
+;; WebKit2 sandbox launcher needs to define an _OS_VERSION parameter
+;; This parameter is the major OS Version number.
+(if (not (defined? 'os-version))
+ (define os-version (param "_OS_VERSION")))
+
+;; OS X 10.7 (Lion) compatibility
+(if (not (defined? 'ipc-posix-shm*))
+ (define ipc-posix-shm* ipc-posix-shm))
+(if (not (defined? 'ipc-posix-shm-read*))
+ (define ipc-posix-shm-read* ipc-posix-shm))
+(if (not (defined? 'ipc-posix-shm-write-data))
+ (define ipc-posix-shm-write-data ipc-posix-shm))
+
+;; Graphics
+(if (defined? 'system-graphics)
+ (system-graphics)
+ (begin
+ (shared-preferences-read
+ "com.apple.opengl"
+ "com.nvidia.OpenGL")
+ (allow mach-lookup (global-name "com.apple.cvmsServ"))
+ (allow iokit-open
+ (iokit-connection "IOAccelerator")
+ (iokit-user-client-class "IOAccelerationUserClient")
+ (iokit-user-client-class "IOSurfaceRootUserClient")
+ (iokit-user-client-class "IOSurfaceSendRight")
+ (iokit-user-client-class "IOFramebufferSharedUserClient")
+ (iokit-user-client-class "AppleSNBFBUserClient")
+ (iokit-user-client-class "AGPMClient")
+ (iokit-user-client-class "AppleGraphicsControlClient")
+ (iokit-user-client-class "AppleGraphicsPolicyClient"))))
+
+;; Read-only preferences
+(shared-preferences-read
+ ".GlobalPreferences"
+ "com.apple.Bluetooth"
+ "com.apple.CoreGraphics"
+ "com.apple.QuickTime"
+ "com.apple.HIToolbox"
+ "com.apple.ATS"
+ "com.apple.driver.AppleBluetoothMultitouch.mouse"
+ "com.apple.driver.AppleBluetoothMultitouch.trackpad"
+ "com.apple.driver.AppleHIDMouse"
+ "com.apple.inputmethodkit"
+ "com.apple.iWork.Pages"
+ "com.apple.LaunchServices"
+ "com.apple.MultitouchSupport"
+ "com.apple.security"
+ "com.apple.security.revocation"
+ "com.apple.security_common"
+ "com.apple.speech.voice.prefs"
+ "com.apple.speech.synthesis.general.prefs"
+ "com.apple.speech.recognition.AppleSpeechRecognition.prefs"
+ "com.apple.systemsound"
+ "com.apple.universalaccess"
+ "com.apple.WebFoundation"
+ "com.apple.WebKit.PluginProcess"
+ "pbs"
+ "com.apple.ServicesMenu.Services")
+
+;; Read-only data
+(allow file-read*
+ (literal "/")
+ (literal "/private/etc/hosts")
+ (literal "/private/etc/protocols")
+ (literal "/private/etc/services")
+ (literal "/private/etc/resolv.conf")
+ (literal "/private/var/run/resolv.conf")
+
+ (subpath "/Library/Frameworks")
+ (subpath "/Library/Managed Preferences")
+ (subpath "/private/var/db/mds")
+
+ (regex #"^/Library/Preferences/com\.apple\.security")
+ (home-literal "/.CFUserTextEncoding")
+ (home-library-subpath "/Audio")
+ (home-library-subpath "/ColorPickers")
+ (home-library-subpath "/ColorSync")
+ (subpath "/Library/Components")
+ (home-library-subpath "/Components")
+ (subpath "/Library/Contextual Menu Items")
+ (subpath "/Library/Input Methods")
+ (home-library-subpath "/Input Methods")
+ (subpath "/Library/InputManagers")
+ (home-library-subpath "/InputManagers")
+ (home-library-subpath "/KeyBindings")
+ (subpath "/Library/Keyboard Layouts")
+ (home-library-subpath "/Keyboard Layouts")
+ (subpath "/Library/Fonts")
+ (home-library-subpath "/Fonts")
+ (subpath "/Library/Spelling")
+ (home-library-subpath "/Spelling")
+ (subpath "/Library/PDF Services")
+ (home-library-subpath "/PDF Services")
+ (home-library-preferences-literal "/QuickTime Preferences")
+
+ (home-library-literal "/Caches/com.apple.coreaudio.components.plist")
+
+ (subpath "/Library/Audio/Sounds")
+ (subpath "/Library/Audio/Plug-Ins/Components")
+ (home-library-subpath "/Audio/Plug-Ins/Components")
+ (subpath "/Library/Audio/Plug-Ins/HAL")
+ (subpath "/Library/CoreMediaIO/Plug-Ins/DAL")
+ (subpath "/Library/QuickTime")
+ (home-library-subpath "/QuickTime")
+ (subpath "/Library/Video/Plug-Ins")
+ (home-library-subpath "/Caches/QuickTime")
+
+ (literal "/Library/Application Support/CrashReporter/SubmitDiagInfo.domains")
+
+ (home-library-literal "/Application Support/SyncServices/Local/ClientsWithChanges/com.apple.Keychain")
+
+ (subpath "/Library/ColorSync")
+
+ (home-literal "/Library/Preferences/com.apple.lookup.shared.plist")
+
+ ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
+ (subpath "/Library/Keychains"))
+
+;; Security framework
+(allow mach-lookup (global-name "com.apple.ocspd"))
+(allow file-read* file-write* (home-library-subpath "/Keychains"))
+(allow file-read*
+ (subpath "/private/var/db/mds")
+ (literal "/private/var/db/DetachedSignatures"))
+(allow ipc-posix-shm-read* ipc-posix-shm-write-data
+ (ipc-posix-name "com.apple.AppleDatabaseChanged"))
+
+;; Read-write preferences and data
+(allow file*
+ ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
+ (home-library-subpath "/Keychains"))
+(allow system-fsctl (fsctl-command (_IO "h" 47)))
+
+;; IOKit user clients
+(allow iokit-open
+ (iokit-user-client-class "IOAudioControlUserClient")
+ (iokit-user-client-class "IOAudioEngineUserClient")
+ (iokit-user-client-class "IOHIDParamUserClient")
+ (iokit-user-client-class "RootDomainUserClient"))
+
+;; Various services required by AppKit and other frameworks
+(allow mach-lookup
+ (global-name "com.apple.CoreServices.coreservicesd")
+ (global-name "com.apple.DiskArbitration.diskarbitrationd")
+ (global-name "com.apple.FileCoordination")
+ (global-name "com.apple.FontObjectsServer")
+#if __MAC_OS_X_VERSION_MIN_REQUIRED < 101200
+ (global-name "com.apple.FontServer")
+#endif
+ (global-name "com.apple.ImageCaptureExtension2.presence")
+ (global-name "com.apple.PowerManagement.control")
+ (global-name "com.apple.SecurityServer")
+ (global-name "com.apple.SystemConfiguration.PPPController")
+ (global-name "com.apple.SystemConfiguration.configd")
+ (global-name "com.apple.UNCUserNotification")
+ (global-name "com.apple.audio.VDCAssistant")
+ (global-name "com.apple.audio.audiohald")
+ (global-name "com.apple.audio.coreaudiod")
+ (global-name "com.apple.cfnetwork.AuthBrokerAgent")
+ (global-name "com.apple.cmio.VDCAssistant")
+ (global-name "com.apple.cookied") ;; FIXME: <rdar://problem/10790768> Limit access to cookies.
+ (global-name "com.apple.coreservices.launchservicesd")
+ (global-name "com.apple.fonts")
+ (global-name "com.apple.ocspd")
+ (global-name "com.apple.pasteboard.1")
+ (global-name "com.apple.pbs.fetch_services")
+ (global-name "com.apple.tccd.system")
+ (global-name "com.apple.tsm.uiserver")
+ (global-name "com.apple.window_proxies")
+ (global-name "com.apple.windowserver.active")
+ (local-name "com.apple.tsm.portname")
+ (global-name-regex #"_OpenStep$"))
+
+(if (equal? os-version "10.7")
+ (allow mach-lookup
+ (global-name "com.apple.system.DirectoryService.membership_v1")))
+
+;; Configuration directories
+(allow file-read* (subpath (param "PLUGIN_PATH")))
+(allow file-read* (subpath (param "WEBKIT2_FRAMEWORK_DIR")))
+(allow file* (subpath (param "DARWIN_USER_TEMP_DIR")))
+(allow file* (subpath (param "DARWIN_USER_CACHE_DIR")))
+(allow file* (subpath (param "NSURL_CACHE_DIR")))
+
+;; Allow the OpenGL Profiler to attach.
+(if (defined? 'mach-register)
+ (allow mach-register (global-name-regex #"^_oglprof_attach_<[0-9]+>$")))
+
+;; Networking
+(if (defined? 'system-network)
+ (system-network)
+ (begin
+ (allow file-read* (literal "/Library/Preferences/com.apple.networkd.plist"))
+ (allow mach-lookup
+ (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
+ (global-name "com.apple.networkd"))
+ (allow network-outbound
+ (control-name "com.apple.netsrc")
+ (control-name "com.apple.network.statistics"))
+ (allow system-socket
+ (require-all (socket-domain AF_SYSTEM)
+ (socket-protocol 2)) ; SYSPROTO_CONTROL
+ (socket-domain AF_ROUTE))))
+
+(allow network-outbound
+ ;; Local mDNSResponder for DNS, arbitrary outbound TCP and UDP
+ (literal "/private/var/run/mDNSResponder")
+ (remote tcp)
+ (remote udp))
+(allow network-inbound
+ (local udp))
+
+
+;; Open and Save panels
+(define (webkit-powerbox)
+ (allow file-read* (literal "/Library/Preferences/com.apple.ViewBridge.plist"))
+ (allow file-read* file-write* (extension "com.apple.app-sandbox.read-write"))
+ (allow file-issue-extension
+ (require-all
+ (extension-class "com.apple.app-sandbox.read")
+ (extension "com.apple.app-sandbox.read-write"))
+ (require-all
+ (extension-class "com.apple.app-sandbox.read-write")
+ (extension "com.apple.app-sandbox.read-write"))))
+
+;; Printing
+(define (webkit-printing)
+ (if (defined? 'authorization-right-obtain)
+ (allow authorization-right-obtain
+ (right-name "system.print.operator")
+ (right-name "system.printingmanager")))
+ (if (defined? 'mach-register)
+ (deny mach-register (with no-log)
+ (global-name-regex #"^com\.apple\.ICA-[0-9]+$")))
+ (if (defined? 'mach-task-name)
+ (allow mach-task-name))
+ (allow network-outbound (literal "/private/var/run/cupsd"))
+ (allow mach-lookup
+ (global-name "com.apple.printuitool.agent")
+ (global-name "com.apple.printtool.agent")
+ (global-name "com.apple.printtool.daemon"))
+ (allow file-read*
+ (subpath "/Library/Printers")
+ (home-literal "/.cups/lpoptions")
+ (home-literal "/.cups/client.conf")
+ (literal "/private/etc/cups/client.conf")
+ (literal "/private/etc/cups/lpoptions")
+ (subpath "/private/etc/cups/ppd")
+ (literal "/private/var/run/cupsd"))
+ (shared-preferences-read "org.cups.PrintingPrefs"))
+
+;; Text Services Manager
+(allow iokit-set-properties (iokit-property "CapsLockDelayOverride"))
+
+;; Image Capture
+(define (webkit-imagecapture)
+ (allow appleevent-send (appleevent-destination "com.apple.imagecaptureextension2")))
+
+;; Camera
+(define (webkit-camera)
+ (shared-preferences-read "com.apple.coremedia")
+ (allow mach-lookup (extension "com.apple.app-sandbox.mach"))
+ (allow mach-lookup
+ (global-name "com.apple.cmio.AppleCameraAssistant")
+ ;; Apple DAL assistants
+ (global-name "com.apple.cmio.VDCAssistant")
+ (global-name "com.apple.cmio.AVCAssistant")
+ (global-name "com.apple.cmio.IIDCVideoAssistant")
+ ;; QuickTimeIIDCDigitizer assistant
+ (global-name "com.apple.IIDCAssistant"))
+ (allow iokit-open
+ ;; QuickTimeUSBVDCDigitizer
+ (iokit-user-client-class "IOUSBDeviceUserClientV2")
+ (iokit-user-client-class "IOUSBInterfaceUserClientV2"))
+ (allow device-camera))
+
+;; Microphone
+(define (webkit-microphone)
+ (allow device-microphone))
+
+(if (equal? os-version "10.7")
+ (allow ipc-posix-shm)
+ (begin
+ (if (equal? os-version "10.8")
+ (allow ipc-posix-shm*
+ (ipc-posix-name "_CS_GSHMEMLOCK")
+ (ipc-posix-name "_CS_DSHMEMLOCK")))
+ (allow ipc-posix-shm*
+ (ipc-posix-name-regex #"^AudioIO")
+ (ipc-posix-name-regex #"^CFPBS:")
+ (ipc-posix-name "com.apple.ColorSync.Gen.lock")
+ (ipc-posix-name "com.apple.ColorSync.Disp.lock")
+ (ipc-posix-name "com.apple.ColorSync.Gray2.2")
+ (ipc-posix-name "com.apple.ColorSync.sRGB")
+ (ipc-posix-name "com.apple.ColorSync.GenGray")
+ (ipc-posix-name "com.apple.ColorSync.GenRGB")
+ (ipc-posix-name-regex #"^com\.apple\.cs\.")
+ (ipc-posix-name-regex #"^ls\."))
+ (allow ipc-posix-shm-read*
+ (ipc-posix-name-regex #"^/tmp/com\.apple\.csseed\.")
+ (ipc-posix-name "FNetwork.defaultStorageSession")
+ (ipc-posix-name "apple.shm.notification_center"))))
+
+;; Silently block access to some resources
+(deny file-read* file-write* (with no-log)
+ (subpath "/Network/Library")
+ (subpath "/Network/Applications")
+ (home-library-preferences-regex #"/com\.apple\.internetconfig(priv)?\.plist")
+
+ ;; FIXME: Should be removed after <rdar://problem/9422957> is fixed.
+ (home-library-literal "/Caches/Cache.db")
+
+ ;; FIXME: Should be removed after <rdar://problem/10463881> is fixed.
+ (home-library-preferences-literal "/com.apple.LaunchServices.QuarantineEventsV2")
+ (home-library-preferences-literal "/com.apple.LaunchServices.QuarantineEventsV2-journal"))
+
+(deny mach-lookup (with no-log)
+ (global-name "com.apple.FSEvents")
+ (global-name "com.apple.coreservices.appleevents")
+ (global-name "com.apple.dock.server")
+ (global-name-regex #"^com\.apple\.distributed_notifications"))
+
+;; The below rules are inserted at the end of sandbox profile compilation by overriding the finalizer.
+;; The initial value of %finalize must be the last function called.
+(letrec
+ ((original-%finalize %finalize)
+ (webkit-%finalize
+ (lambda ()
+ (if (defined? 'vnode-type)
+ (deny file-write-create
+ (vnode-type SYMLINK)))
+ ;; Reserve a namespace for additional protected extended attributes.
+ (deny file-read-xattr file-write-xattr (xattr #"^com\.apple\.security\.private\."))
+ ;; FIXME: Should be removed once <rdar://problem/16329087> is fixed.
+ (if (defined? 'xattr-regex)
+ (deny file-read-xattr file-write-xattr (xattr-regex #"^com\.apple\.security\.private\."))
+ (deny file-read-xattr file-write-xattr (xattr #"^com\.apple\.security\.private\.")))
+ (original-%finalize))))
+ (set! %finalize webkit-%finalize))
</ins></span></pre></div>
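Review bot: in the "Various services required by AppKit and other frameworks" mach-lookup list, the preprocessor guard on __MAC_OS_X_VERSION_MIN_REQUIRED drops only com.apple.FontServer for 10.12 and later, while com.apple.FontObjectsServer and com.apple.fonts stay allowed on every version. If those two are still required, a one-line comment above the guard saying so would make the remaining font-related reach of the plugin sandbox explicit; if they are not, they belong under the same guard. The guard is also the only build-time condition in a profile that otherwise branches at run time on os-version and (defined? ...), so it is worth a comment that this file must now pass through the preprocessor. Separately, in webkit-%finalize the unconditional deny on file-read-xattr and file-write-xattr is repeated verbatim as the else branch of the (defined? 'xattr-regex) test directly below it, so one of the two can be dropped.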
<a id="trunkSourceWebKit2ResourcesPlugInSandboxProfilescomappleWebKitplugincommonsb"></a>
<div class="delfile"><h4>Deleted: trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb (208588 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb        2016-11-11 16:50:57 UTC (rev 208588)
+++ trunk/Source/WebKit2/Resources/PlugInSandboxProfiles/com.apple.WebKit.plugin-common.sb        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -1,413 +0,0 @@
</span><del>-; Copyright (C) 2013, 2014 Apple Inc. All rights reserved.
-;
-; Redistribution and use in source and binary forms, with or without
-; modification, are permitted provided that the following conditions
-; are met:
-; 1. Redistributions of source code must retain the above copyright
-; notice, this list of conditions and the following disclaimer.
-; 2. Redistributions in binary form must reproduce the above copyright
-; notice, this list of conditions and the following disclaimer in the
-; documentation and/or other materials provided with the distribution.
-;
-; THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
-; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
-; THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-; PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
-; BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-; CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-; SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-; INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-; CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-; ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
-; THE POSSIBILITY OF SUCH DAMAGE.
-
-(version 1)
-(deny default)
-(allow system-audit file-read-metadata)
-
-(import "system.sb")
-
-;; Utility functions
-(define (home-literal home-relative-literal)
- (literal (string-append (param "HOME_DIR") home-relative-literal)))
-
-(define (home-library-regex home-library-relative-regex)
- (regex (string-append "^" (regex-quote (param "HOME_LIBRARY_DIR")) home-library-relative-regex)))
-
-(define (home-library-subpath home-library-relative-subpath)
- (subpath (string-append (param "HOME_LIBRARY_DIR") home-library-relative-subpath)))
-
-(define (home-library-literal home-library-relative-literal)
- (literal (string-append (param "HOME_LIBRARY_DIR") home-library-relative-literal)))
-
-(define (home-library-preferences-regex home-library-preferences-relative-regex)
- (regex (string-append "^" (regex-quote (param "HOME_LIBRARY_PREFERENCES_DIR")) home-library-preferences-relative-regex)))
-
-(define (home-library-preferences-subpath home-library-preferences-relative-subpath)
- (subpath (string-append (param "HOME_LIBRARY_PREFERENCES_DIR") home-library-preferences-relative-subpath)))
-
-(define (home-library-preferences-literal home-library-preferences-relative-literal)
- (literal (string-append (param "HOME_LIBRARY_PREFERENCES_DIR") home-library-preferences-relative-literal)))
-
-(define (shared-preferences-read . domains)
- (for-each (lambda (domain)
- (begin
- (if (defined? `user-preference-read)
- (allow user-preference-read (preference-domain domain)))
- ; (Temporary) backward compatibility with non-CFPreferences readers.
- (allow file-read*
- (literal (string-append "/Library/Preferences/" domain ".plist"))
- (home-library-preferences-literal (string-append "/" domain ".plist"))
- (home-library-preferences-regex (string-append #"/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
- domains))
-
-(define (shared-preferences-read-write . domains)
- (for-each (lambda (domain)
- (begin
- (if (defined? `user-preference-write)
- (allow user-preference-read user-preference-write (preference-domain domain)))
- ; (Temporary) backward compatibility with non-CFPreferences readers / writers.
- (allow file-read* file-write*
- (literal (string-append "/Library/Preferences/" domain ".plist"))
- (home-library-preferences-literal (string-append "/" domain ".plist"))
- (home-library-preferences-regex (string-append #"/ByHost/" (regex-quote domain) #"\..*\.plist$")))))
- domains))
-
-;; WebKit2 sandbox launcher needs to define an _OS_VERSION parameter
-;; This parameter is the major OS Version number.
-(if (not (defined? 'os-version))
- (define os-version (param "_OS_VERSION")))
-
-;; OS X 10.7 (Lion) compatibility
-(if (not (defined? 'ipc-posix-shm*))
- (define ipc-posix-shm* ipc-posix-shm))
-(if (not (defined? 'ipc-posix-shm-read*))
- (define ipc-posix-shm-read* ipc-posix-shm))
-(if (not (defined? 'ipc-posix-shm-write-data))
- (define ipc-posix-shm-write-data ipc-posix-shm))
-
-;; Graphics
-(if (defined? 'system-graphics)
- (system-graphics)
- (begin
- (shared-preferences-read
- "com.apple.opengl"
- "com.nvidia.OpenGL")
- (allow mach-lookup (global-name "com.apple.cvmsServ"))
- (allow iokit-open
- (iokit-connection "IOAccelerator")
- (iokit-user-client-class "IOAccelerationUserClient")
- (iokit-user-client-class "IOSurfaceRootUserClient")
- (iokit-user-client-class "IOSurfaceSendRight")
- (iokit-user-client-class "IOFramebufferSharedUserClient")
- (iokit-user-client-class "AppleSNBFBUserClient")
- (iokit-user-client-class "AGPMClient")
- (iokit-user-client-class "AppleGraphicsControlClient")
- (iokit-user-client-class "AppleGraphicsPolicyClient"))))
-
-;; Read-only preferences
-(shared-preferences-read
- ".GlobalPreferences"
- "com.apple.Bluetooth"
- "com.apple.CoreGraphics"
- "com.apple.QuickTime"
- "com.apple.HIToolbox"
- "com.apple.ATS"
- "com.apple.driver.AppleBluetoothMultitouch.mouse"
- "com.apple.driver.AppleBluetoothMultitouch.trackpad"
- "com.apple.driver.AppleHIDMouse"
- "com.apple.inputmethodkit"
- "com.apple.iWork.Pages"
- "com.apple.LaunchServices"
- "com.apple.MultitouchSupport"
- "com.apple.security"
- "com.apple.security.revocation"
- "com.apple.security_common"
- "com.apple.speech.voice.prefs"
- "com.apple.speech.synthesis.general.prefs"
- "com.apple.speech.recognition.AppleSpeechRecognition.prefs"
- "com.apple.systemsound"
- "com.apple.universalaccess"
- "com.apple.WebFoundation"
- "com.apple.WebKit.PluginProcess"
- "pbs"
- "com.apple.ServicesMenu.Services")
-
-;; Read-only data
-(allow file-read*
- (literal "/")
- (literal "/private/etc/hosts")
- (literal "/private/etc/protocols")
- (literal "/private/etc/services")
- (literal "/private/etc/resolv.conf")
- (literal "/private/var/run/resolv.conf")
-
- (subpath "/Library/Frameworks")
- (subpath "/Library/Managed Preferences")
- (subpath "/private/var/db/mds")
-
- (regex #"^/Library/Preferences/com\.apple\.security")
- (home-literal "/.CFUserTextEncoding")
- (home-library-subpath "/Audio")
- (home-library-subpath "/ColorPickers")
- (home-library-subpath "/ColorSync")
- (subpath "/Library/Components")
- (home-library-subpath "/Components")
- (subpath "/Library/Contextual Menu Items")
- (subpath "/Library/Input Methods")
- (home-library-subpath "/Input Methods")
- (subpath "/Library/InputManagers")
- (home-library-subpath "/InputManagers")
- (home-library-subpath "/KeyBindings")
- (subpath "/Library/Keyboard Layouts")
- (home-library-subpath "/Keyboard Layouts")
- (subpath "/Library/Fonts")
- (home-library-subpath "/Fonts")
- (subpath "/Library/Spelling")
- (home-library-subpath "/Spelling")
- (subpath "/Library/PDF Services")
- (home-library-subpath "/PDF Services")
- (home-library-preferences-literal "/QuickTime Preferences")
-
- (home-library-literal "/Caches/com.apple.coreaudio.components.plist")
-
- (subpath "/Library/Audio/Sounds")
- (subpath "/Library/Audio/Plug-Ins/Components")
- (home-library-subpath "/Audio/Plug-Ins/Components")
- (subpath "/Library/Audio/Plug-Ins/HAL")
- (subpath "/Library/CoreMediaIO/Plug-Ins/DAL")
- (subpath "/Library/QuickTime")
- (home-library-subpath "/QuickTime")
- (subpath "/Library/Video/Plug-Ins")
- (home-library-subpath "/Caches/QuickTime")
-
- (literal "/Library/Application Support/CrashReporter/SubmitDiagInfo.domains")
-
- (home-library-literal "/Application Support/SyncServices/Local/ClientsWithChanges/com.apple.Keychain")
-
- (subpath "/Library/ColorSync")
-
- (home-literal "/Library/Preferences/com.apple.lookup.shared.plist")
-
- ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
- (subpath "/Library/Keychains"))
-
-;; Security framework
-(allow mach-lookup (global-name "com.apple.ocspd"))
-(allow file-read* file-write* (home-library-subpath "/Keychains"))
-(allow file-read*
- (subpath "/private/var/db/mds")
- (literal "/private/var/db/DetachedSignatures"))
-(allow ipc-posix-shm-read* ipc-posix-shm-write-data
- (ipc-posix-name "com.apple.AppleDatabaseChanged"))
-
-;; Read-write preferences and data
-(allow file*
- ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
- (home-library-subpath "/Keychains"))
-(allow system-fsctl (fsctl-command (_IO "h" 47)))
-
-;; IOKit user clients
-(allow iokit-open
- (iokit-user-client-class "IOAudioControlUserClient")
- (iokit-user-client-class "IOAudioEngineUserClient")
- (iokit-user-client-class "IOHIDParamUserClient")
- (iokit-user-client-class "RootDomainUserClient"))
-
-;; Various services required by AppKit and other frameworks
-(allow mach-lookup
- (global-name "com.apple.CoreServices.coreservicesd")
- (global-name "com.apple.DiskArbitration.diskarbitrationd")
- (global-name "com.apple.FileCoordination")
- (global-name "com.apple.FontObjectsServer")
- (global-name "com.apple.FontServer")
- (global-name "com.apple.ImageCaptureExtension2.presence")
- (global-name "com.apple.PowerManagement.control")
- (global-name "com.apple.SecurityServer")
- (global-name "com.apple.SystemConfiguration.PPPController")
- (global-name "com.apple.SystemConfiguration.configd")
- (global-name "com.apple.UNCUserNotification")
- (global-name "com.apple.audio.VDCAssistant")
- (global-name "com.apple.audio.audiohald")
- (global-name "com.apple.audio.coreaudiod")
- (global-name "com.apple.cfnetwork.AuthBrokerAgent")
- (global-name "com.apple.cmio.VDCAssistant")
- (global-name "com.apple.cookied") ;; FIXME: <rdar://problem/10790768> Limit access to cookies.
- (global-name "com.apple.coreservices.launchservicesd")
- (global-name "com.apple.fonts")
- (global-name "com.apple.ocspd")
- (global-name "com.apple.pasteboard.1")
- (global-name "com.apple.pbs.fetch_services")
- (global-name "com.apple.tccd.system")
- (global-name "com.apple.tsm.uiserver")
- (global-name "com.apple.window_proxies")
- (global-name "com.apple.windowserver.active")
- (local-name "com.apple.tsm.portname")
- (global-name-regex #"_OpenStep$"))
-
-(if (equal? os-version "10.7")
- (allow mach-lookup
- (global-name "com.apple.system.DirectoryService.membership_v1")))
-
-;; Configuration directories
-(allow file-read* (subpath (param "PLUGIN_PATH")))
-(allow file-read* (subpath (param "WEBKIT2_FRAMEWORK_DIR")))
-(allow file* (subpath (param "DARWIN_USER_TEMP_DIR")))
-(allow file* (subpath (param "DARWIN_USER_CACHE_DIR")))
-(allow file* (subpath (param "NSURL_CACHE_DIR")))
-
-;; Allow the OpenGL Profiler to attach.
-(if (defined? 'mach-register)
- (allow mach-register (global-name-regex #"^_oglprof_attach_<[0-9]+>$")))
-
-;; Networking
-(if (defined? 'system-network)
- (system-network)
- (begin
- (allow file-read* (literal "/Library/Preferences/com.apple.networkd.plist"))
- (allow mach-lookup
- (global-name "com.apple.SystemConfiguration.SCNetworkReachability")
- (global-name "com.apple.networkd"))
- (allow network-outbound
- (control-name "com.apple.netsrc")
- (control-name "com.apple.network.statistics"))
- (allow system-socket
- (require-all (socket-domain AF_SYSTEM)
- (socket-protocol 2)) ; SYSPROTO_CONTROL
- (socket-domain AF_ROUTE))))
-
-(allow network-outbound
- ;; Local mDNSResponder for DNS, arbitrary outbound TCP and UDP
- (literal "/private/var/run/mDNSResponder")
- (remote tcp)
- (remote udp))
-(allow network-inbound
- (local udp))
-
-
-;; Open and Save panels
-(define (webkit-powerbox)
- (allow file-read* (literal "/Library/Preferences/com.apple.ViewBridge.plist"))
- (allow file-read* file-write* (extension "com.apple.app-sandbox.read-write"))
- (allow file-issue-extension
- (require-all
- (extension-class "com.apple.app-sandbox.read")
- (extension "com.apple.app-sandbox.read-write"))
- (require-all
- (extension-class "com.apple.app-sandbox.read-write")
- (extension "com.apple.app-sandbox.read-write"))))
-
-;; Printing
-(define (webkit-printing)
- (if (defined? 'authorization-right-obtain)
- (allow authorization-right-obtain
- (right-name "system.print.operator")
- (right-name "system.printingmanager")))
- (if (defined? 'mach-register)
- (deny mach-register (with no-log)
- (global-name-regex #"^com\.apple\.ICA-[0-9]+$")))
- (if (defined? 'mach-task-name)
- (allow mach-task-name))
- (allow network-outbound (literal "/private/var/run/cupsd"))
- (allow mach-lookup
- (global-name "com.apple.printuitool.agent")
- (global-name "com.apple.printtool.agent")
- (global-name "com.apple.printtool.daemon"))
- (allow file-read*
- (subpath "/Library/Printers")
- (home-literal "/.cups/lpoptions")
- (home-literal "/.cups/client.conf")
- (literal "/private/etc/cups/client.conf")
- (literal "/private/etc/cups/lpoptions")
- (subpath "/private/etc/cups/ppd")
- (literal "/private/var/run/cupsd"))
- (shared-preferences-read "org.cups.PrintingPrefs"))
-
-;; Text Services Manager
-(allow iokit-set-properties (iokit-property "CapsLockDelayOverride"))
-
-;; Image Capture
-(define (webkit-imagecapture)
- (allow appleevent-send (appleevent-destination "com.apple.imagecaptureextension2")))
-
-;; Camera
-(define (webkit-camera)
- (shared-preferences-read "com.apple.coremedia")
- (allow mach-lookup (extension "com.apple.app-sandbox.mach"))
- (allow mach-lookup
- (global-name "com.apple.cmio.AppleCameraAssistant")
- ;; Apple DAL assistants
- (global-name "com.apple.cmio.VDCAssistant")
- (global-name "com.apple.cmio.AVCAssistant")
- (global-name "com.apple.cmio.IIDCVideoAssistant")
- ;; QuickTimeIIDCDigitizer assistant
- (global-name "com.apple.IIDCAssistant"))
- (allow iokit-open
- ;; QuickTimeUSBVDCDigitizer
- (iokit-user-client-class "IOUSBDeviceUserClientV2")
- (iokit-user-client-class "IOUSBInterfaceUserClientV2"))
- (allow device-camera))
-
-;; Microphone
-(define (webkit-microphone)
- (allow device-microphone))
-
-(if (equal? os-version "10.7")
- (allow ipc-posix-shm)
- (begin
- (if (equal? os-version "10.8")
- (allow ipc-posix-shm*
- (ipc-posix-name "_CS_GSHMEMLOCK")
- (ipc-posix-name "_CS_DSHMEMLOCK")))
- (allow ipc-posix-shm*
- (ipc-posix-name-regex #"^AudioIO")
- (ipc-posix-name-regex #"^CFPBS:")
- (ipc-posix-name "com.apple.ColorSync.Gen.lock")
- (ipc-posix-name "com.apple.ColorSync.Disp.lock")
- (ipc-posix-name "com.apple.ColorSync.Gray2.2")
- (ipc-posix-name "com.apple.ColorSync.sRGB")
- (ipc-posix-name "com.apple.ColorSync.GenGray")
- (ipc-posix-name "com.apple.ColorSync.GenRGB")
- (ipc-posix-name-regex #"^com\.apple\.cs\.")
- (ipc-posix-name-regex #"^ls\."))
- (allow ipc-posix-shm-read*
- (ipc-posix-name-regex #"^/tmp/com\.apple\.csseed\.")
- (ipc-posix-name "FNetwork.defaultStorageSession")
- (ipc-posix-name "apple.shm.notification_center"))))
-
-;; Silently block access to some resources
-(deny file-read* file-write* (with no-log)
- (subpath "/Network/Library")
- (subpath "/Network/Applications")
- (home-library-preferences-regex #"/com\.apple\.internetconfig(priv)?\.plist")
-
- ;; FIXME: Should be removed after <rdar://problem/9422957> is fixed.
- (home-library-literal "/Caches/Cache.db")
-
- ;; FIXME: Should be removed after <rdar://problem/10463881> is fixed.
- (home-library-preferences-literal "/com.apple.LaunchServices.QuarantineEventsV2")
- (home-library-preferences-literal "/com.apple.LaunchServices.QuarantineEventsV2-journal"))
-
-(deny mach-lookup (with no-log)
- (global-name "com.apple.FSEvents")
- (global-name "com.apple.coreservices.appleevents")
- (global-name "com.apple.dock.server")
- (global-name-regex #"^com\.apple\.distributed_notifications"))
-
-;; The below rules are inserted at the end of sandbox profile compilation by overriding the finalizer.
-;; The initial value of %finalize must be the last function called.
-(letrec
- ((original-%finalize %finalize)
- (webkit-%finalize
- (lambda ()
- (if (defined? 'vnode-type)
- (deny file-write-create
- (vnode-type SYMLINK)))
- ;; Reserve a namespace for additional protected extended attributes.
- (deny file-read-xattr file-write-xattr (xattr #"^com\.apple\.security\.private\."))
- ;; FIXME: Should be removed once <rdar://problem/16329087> is fixed.
- (if (defined? 'xattr-regex)
- (deny file-read-xattr file-write-xattr (xattr-regex #"^com\.apple\.security\.private\."))
- (deny file-read-xattr file-write-xattr (xattr #"^com\.apple\.security\.private\.")))
- (original-%finalize))))
- (set! %finalize webkit-%finalize))
</del></span></pre></div>
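Review bot: in the removed webkit-%finalize, the xattr deny for ^com\.apple\.security\.private\. is emitted twice: once unconditionally, and again by the (if (defined? 'xattr-regex) ...) that follows, whose else branch is identical to the unconditional line. If this body is carried over into the new com.apple.WebKit.plugin-common.sb.in, keep only the conditional form so that the FIXME for rdar://problem/16329087 has a single rule to remove. The run-time os-version comparisons against "10.7" and "10.8" are also candidates for build-time guards now that the profile is a .sb.in template.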
<a id="trunkSourceWebKit2WebKit2xcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj (208588 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj        2016-11-11 16:50:57 UTC (rev 208588)
+++ trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -1151,7 +1151,6 @@
</span><span class="cx">                 7CAB937A1D459E510070F540 /* NetworkCacheCodersCocoa.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 7CAB93791D459E4B0070F540 /* NetworkCacheCodersCocoa.cpp */; };
</span><span class="cx">                 7CB16FEF1724BA23007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE21724B9B5007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb */; };
</span><span class="cx">                 7CB16FF01724BA24007A0A95 /* com.apple.QuickTime Plugin.plugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */; };
</span><del>-                7CB16FF11724BA26007A0A95 /* com.apple.WebKit.plugin-common.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */; };
</del><span class="cx">                 7CB16FF21724BA28007A0A95 /* com.macromedia.Flash Player.plugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */; };
</span><span class="cx">                 7CB16FF31724BA2F007A0A95 /* com.microsoft.SilverlightPlugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */; };
</span><span class="cx">                 7CB16FF41724BA30007A0A95 /* com.oracle.java.JavaAppletPlugin.sb in Copy Plug-in Sandbox Profiles */ = {isa = PBXBuildFile; fileRef = 7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */; };
</span><span class="lines">@@ -2016,7 +2015,6 @@
</span><span class="cx">                                 E19BDA86193665E300B97F57 /* com.apple.appstore.CodeRedeemerNetscapePlugin.sb in Copy Plug-in Sandbox Profiles */,
</span><span class="cx">                                 7CB16FEF1724BA23007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb in Copy Plug-in Sandbox Profiles */,
</span><span class="cx">                                 7CB16FF01724BA24007A0A95 /* com.apple.QuickTime Plugin.plugin.sb in Copy Plug-in Sandbox Profiles */,
</span><del>-                                7CB16FF11724BA26007A0A95 /* com.apple.WebKit.plugin-common.sb in Copy Plug-in Sandbox Profiles */,
</del><span class="cx">                                 7CB16FF21724BA28007A0A95 /* com.macromedia.Flash Player.plugin.sb in Copy Plug-in Sandbox Profiles */,
</span><span class="cx">                                 7CB16FF31724BA2F007A0A95 /* com.microsoft.SilverlightPlugin.sb in Copy Plug-in Sandbox Profiles */,
</span><span class="cx">                                 7CB16FF41724BA30007A0A95 /* com.oracle.java.JavaAppletPlugin.sb in Copy Plug-in Sandbox Profiles */,
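Review bot: with this entry and its PBXBuildFile (7CB16FF11724BA26007A0A95) removed, the Copy Plug-in Sandbox Profiles phase no longer installs com.apple.WebKit.plugin-common.sb, and none of the project.pbxproj hunks shown here adds a build-file entry for the new reference 7A1506721DD56298001F4B58. If the per-plug-in profiles that stay in this phase expect the common profile beside them at run time, confirm that the step generating the .sb from the .sb.in places it in the same destination.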
</span><span class="lines">@@ -3182,6 +3180,7 @@
</span><span class="cx">                 75A8D2D4187D1C0100C39C9E /* WKWebsiteDataStoreInternal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKWebsiteDataStoreInternal.h; sourceTree = "<group>"; };
</span><span class="cx">                 762B7481120BBA0100819339 /* FontSmoothingLevel.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FontSmoothingLevel.h; sourceTree = "<group>"; };
</span><span class="cx">                 762B7484120BBA2D00819339 /* WKPreferencesRefPrivate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKPreferencesRefPrivate.h; sourceTree = "<group>"; };
</span><ins>+                7A1506721DD56298001F4B58 /* com.apple.WebKit.plugin-common.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.WebKit.plugin-common.sb"; sourceTree = "<group>"; };
</ins><span class="cx">                 7A5E39491D5BD8A700B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.macromedia.Flash Player ESR.plugin.sb"; sourceTree = "<group>"; };
</span><span class="cx">                 7A791EF81C7CFB1000C4C52B /* WebResourceLoadStatisticsStoreMessages.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebResourceLoadStatisticsStoreMessages.h; sourceTree = "<group>"; };
</span><span class="cx">                 7A791EF91C7CFB3700C4C52B /* WebResourceLoadStatisticsStoreMessageReceiver.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebResourceLoadStatisticsStoreMessageReceiver.cpp; sourceTree = "<group>"; };
</span><span class="lines">@@ -3259,7 +3258,7 @@
</span><span class="cx">                 7CAB93791D459E4B0070F540 /* NetworkCacheCodersCocoa.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NetworkCacheCodersCocoa.cpp; sourceTree = "<group>"; };
</span><span class="cx">                 7CB16FE21724B9B5007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.apple.ist.ds.appleconnect.webplugin.sb; sourceTree = "<group>"; };
</span><span class="cx">                 7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.QuickTime Plugin.plugin.sb"; sourceTree = "<group>"; };
</span><del>-                7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.apple.WebKit.plugin-common.sb"; sourceTree = "<group>"; };
</del><ins>+                7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = "com.apple.WebKit.plugin-common.sb.in"; sourceTree = "<group>"; };
</ins><span class="cx">                 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "com.macromedia.Flash Player.plugin.sb"; sourceTree = "<group>"; };
</span><span class="cx">                 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.microsoft.SilverlightPlugin.sb; sourceTree = "<group>"; };
</span><span class="cx">                 7CB16FE71724B9B5007A0A95 /* com.oracle.java.JavaAppletPlugin.sb */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = com.oracle.java.JavaAppletPlugin.sb; sourceTree = "<group>"; };
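Review bot: the replacement reference for com.apple.WebKit.plugin-common.sb.in sets name but drops path, while every neighbouring PBXFileReference in this hunk carries a path. Without a path Xcode has no location to resolve for the template, so it is likely to show as missing in the navigator; suggest path = "com.apple.WebKit.plugin-common.sb.in", relative to the mac group the reference is added to, and dropping name if it matches the file name.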
</span><span class="lines">@@ -4287,6 +4286,7 @@
</span><span class="cx">                 1A0EC7FD124BD402007EF4A5 /* mac */ = {
</span><span class="cx">                         isa = PBXGroup;
</span><span class="cx">                         children = (
</span><ins>+                                7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb.in */,
</ins><span class="cx">                                 1A2D91A51281D739001EB962 /* PluginControllerProxyMac.mm */,
</span><span class="cx">                                 1AA4792212A59FD9008236C3 /* PluginProcessMac.mm */,
</span><span class="cx">                                 1AC25F8912A48E0300BD2671 /* PluginProcessShim.h */,
</span><span class="lines">@@ -5870,7 +5870,6 @@
</span><span class="cx">                                 E19BDA8419365F4B00B97F57 /* com.apple.appstore.CodeRedeemerNetscapePlugin.sb */,
</span><span class="cx">                                 7CB16FE21724B9B5007A0A95 /* com.apple.ist.ds.appleconnect.webplugin.sb */,
</span><span class="cx">                                 7CB16FE31724B9B5007A0A95 /* com.apple.QuickTime Plugin.plugin.sb */,
</span><del>-                                7CB16FE41724B9B5007A0A95 /* com.apple.WebKit.plugin-common.sb */,
</del><span class="cx">                                 7A5E39491D5BD8A700B4B7CE /* com.macromedia.Flash Player ESR.plugin.sb */,
</span><span class="cx">                                 7CB16FE51724B9B5007A0A95 /* com.macromedia.Flash Player.plugin.sb */,
</span><span class="cx">                                 7CB16FE61724B9B5007A0A95 /* com.microsoft.SilverlightPlugin.sb */,
</span><span class="lines">@@ -7145,6 +7144,7 @@
</span><span class="cx">                                 51FAEC371B0657310009C4E7 /* ChildProcessMessages.h */,
</span><span class="cx">                                 E115C715190F8A2500ECC516 /* com.apple.WebKit.Databases.sb */,
</span><span class="cx">                                 E17AE2C216B9C63A001C42F1 /* com.apple.WebKit.NetworkProcess.sb */,
</span><ins>+                                7A1506721DD56298001F4B58 /* com.apple.WebKit.plugin-common.sb */,
</ins><span class="cx">                                 E1967E37150AB5E200C73169 /* com.apple.WebProcess.sb */,
</span><span class="cx">                                 2984F586164BA095004BC0C6 /* CustomProtocolManagerMessageReceiver.cpp */,
</span><span class="cx">                                 2984F587164BA095004BC0C6 /* CustomProtocolManagerMessages.h */,
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcesscomappleWebProcesssbin"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in (208588 => 208589)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in        2016-11-11 16:50:57 UTC (rev 208588)
+++ trunk/Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in        2016-11-11 17:18:53 UTC (rev 208589)
</span><span class="lines">@@ -1,4 +1,4 @@
</span><del>-; Copyright (C) 2010, 2011, 2012, 2013, 2014 Apple Inc. All rights reserved.
</del><ins>+; Copyright (C) 2010-2016 Apple Inc. All rights reserved.
</ins><span class="cx"> ;
</span><span class="cx"> ; Redistribution and use in source and binary forms, with or without
</span><span class="cx"> ; modification, are permitted provided that the following conditions
</span><span class="lines">@@ -174,7 +174,9 @@
</span><span class="cx"> (global-name "com.apple.DiskArbitration.diskarbitrationd")
</span><span class="cx"> (global-name "com.apple.FileCoordination")
</span><span class="cx"> (global-name "com.apple.FontObjectsServer")
</span><ins>+#if __MAC_OS_X_VERSION_MIN_REQUIRED < 101200
</ins><span class="cx"> (global-name "com.apple.FontServer")
</span><ins>+#endif
</ins><span class="cx"> (global-name "com.apple.SystemConfiguration.configd")
</span><span class="cx"> (global-name "com.apple.SystemConfiguration.PPPController")
</span><span class="cx"> (global-name "com.apple.audio.SystemSoundServer-OSX")
</span></span></pre>
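Review bot: the new guard around (global-name "com.apple.FontServer") has no comment saying why the lookup is unnecessary once the deployment target is 10.12 or later; a one-line ; comment above the #if would keep it from being re-added without the condition. The removed com.apple.WebKit.plugin-common.sb allowed the same service unconditionally in its mach-lookup list, so check that its .sb.in replacement gets the same guard.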
</div>
</div>
</body>
</html>