[webkit-dev] Runtime guarding IPC receivers / messages by [EnabledBy=X] in messages.in
Ryosuke Niwa
rniwa at apple.com
Mon Jul 29 13:32:39 PDT 2024
Hi all,
I’ve recently added a mechanism to filter IPC messages based on which features are enabled at runtime.
By adding `[EnabledBy=X]` either to a whole message receiver or on an individual IPC message, we can enable IPC messages only when feature X is enabled at runtime. Note that to use this feature, a new entry `sharedPreferenceForWebProcess: true` needs to be added to UnifiedWebPreferences.yaml.
Why do we want to do that, you may ask? It’s to protect UI, Network, and GPU processes from a compromised WebContent process. By restricting IPC messages/receivers at runtime, we dramatically reduce the attack surface available to the malicious code in the WebContent process.
So if you’re adding a new IPC message receiver or a new IPC message, please runtime guard each IPC receiver / message with `[EnabledBy=X]` when possible.
- R. Niwa
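
A minimal model of the runtime gating described in the message above, added here as an illustration; it is not WebKit code and does not come from the author. The receiver, message and feature names are hypothetical, and rejecting a disabled message with a return value is an assumption of this model.

```cpp
// Toy model of runtime IPC gating; not WebKit code. All names are hypothetical.
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <utility>

using EnabledFeatures = std::set<std::string>; // features turned on at runtime

struct ReceiverSpec {
    std::string enabledBy;                       // guard on the whole receiver ("" = none)
    std::map<std::string, std::string> messages; // message name -> its own guard ("" = none)
};

enum class Decision { Dispatch, RejectUnknown, RejectDisabled };

class GatedDispatcher {
public:
    GatedDispatcher(std::map<std::string, ReceiverSpec> table, EnabledFeatures features)
        : m_table(std::move(table)), m_features(std::move(features)) {}

    // Decide in the privileged process before any handler code runs.
    Decision decide(const std::string& receiver, const std::string& message) const {
        auto r = m_table.find(receiver);
        if (r == m_table.end()) return Decision::RejectUnknown;
        auto m = r->second.messages.find(message);
        if (m == r->second.messages.end()) return Decision::RejectUnknown;
        // A receiver-level guard covers every message; a message-level guard adds to it.
        if (!allowed(r->second.enabledBy) || !allowed(m->second)) return Decision::RejectDisabled;
        return Decision::Dispatch;
    }
private:
    bool allowed(const std::string& guard) const { return guard.empty() || m_features.count(guard); }
    std::map<std::string, ReceiverSpec> m_table;
    EnabledFeatures m_features;
};

// Constructed sample table standing in for what guarded receivers would declare.
GatedDispatcher makeSampleDispatcher(EnabledFeatures features) {
    std::map<std::string, ReceiverSpec> table;
    table["SampleMediaReceiver"].enabledBy = "SampleMediaEnabled";
    table["SampleMediaReceiver"].messages["Play"] = "";
    table["SampleMediaReceiver"].messages["Record"] = "SampleCaptureEnabled";
    table["SampleCoreReceiver"].messages["Ping"] = "";
    return GatedDispatcher(std::move(table), std::move(features));
}

int main() {
    GatedDispatcher d = makeSampleDispatcher({"SampleMediaEnabled"});
    std::cout << (d.decide("SampleMediaReceiver", "Play") == Decision::Dispatch) << '\n';   // guard on
    std::cout << (d.decide("SampleMediaReceiver", "Record") == Decision::Dispatch) << '\n'; // guard off
}
```

Enabling only the message-level feature is not enough in this model: the receiver-level guard must also be on before any of its messages are dispatched.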