[webkit-reviews] review granted: [Bug 133750] Restrict database process profile : [Attachment 232875] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jun 11 11:31:58 PDT 2014


Alexey Proskuryakov <ap at webkit.org> has granted Oliver Hunt
<oliver at apple.com>'s request for review:
Bug 133750: Restrict database process profile
https://bugs.webkit.org/show_bug.cgi?id=133750

Attachment 232875: Patch
https://bugs.webkit.org/attachment.cgi?id=232875&action=review

------- Additional Comments from Alexey Proskuryakov <ap at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=232875&action=review


> Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:47

> +;; FIXME: Should be removed once <rdar://problem/16329087> is fixed.
> +(deny file-write-xattr (xattr "com.apple.quarantine") (with no-log))
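
Review bot: The (with no-log) modifier on the com.apple.quarantine deny rule means a denied write leaves no sandbox violation log entry, so any code in the database process that still tries to set the attribute will fail silently. If the suppression is only there to quiet known noise, the comment should say so. The FIXME also identifies the removal condition only as <rdar://problem/16329087>, which readers outside Apple cannot open; a few words describing what has to be fixed would let someone tell when the rule can go.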

Please remove this, there is no quarantine.

> Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb:50

> +;; Reserve a namespace for additional protected extended attributes.
> +(deny file-read-xattr file-write-xattr (xattr-regex
#"^com\.apple\.security\.private\."))
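
Review bot: The comment above the xattr-regex rule says a namespace is reserved, but not what uses com.apple.security.private. attributes or why the database process has to be denied file-read-xattr as well as file-write-xattr. A sentence or a bug reference would make the rule reviewable. Unlike the quarantine rule just above it, this deny carries no (with no-log), so every matching access will be logged; it is worth confirming that the difference is intended.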

Do any iOS profiles have this, or is it an OS X only thing?

