[webkit-reviews] review granted: [Bug 203618] It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known : [Attachment 382332] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Oct 30 16:43:50 PDT 2019


Brent Fulgham <bfulgham at webkit.org> has granted Per Arne Vollan
<pvollan at apple.com>'s request for review:
Bug 203618: It should be possible to create a mach sandbox extension for the
WebContent process before the audit token is known
https://bugs.webkit.org/show_bug.cgi?id=203618

Attachment 382332: Patch

https://bugs.webkit.org/attachment.cgi?id=382332&action=review




--- Comment #6 from Brent Fulgham <bfulgham at webkit.org> ---
Comment on attachment 382332
  --> https://bugs.webkit.org/attachment.cgi?id=382332
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=382332&action=review

>>> Source/WebKit/ChangeLog:11
>>> +	     typically sent in the WebProcess creation parameters.
>> 
>> Is there a way to ensure we only call this no-audit-token code in cases
where we don't have a connection yet? Maybe have the code take a ProcessProxy
object and get its connection internally so a future developer can't
accidentally misuse the API?
> 
> I think this is an excellent idea to enforce providing the audit token when
available. However, I see that we normally don't include things from WebKit
(e.g. #include <WebKit/WebProcessProxy.h>) from files in the WebKit Shared
folder. Given this, should I still make the change?
> 
> Thanks for reviewing!

I see -- since this is used in UIProcess and {Web|Network}Process, this would
be a layering violation.

Okay -- let's leave it as-is.


More information about the webkit-reviews mailing list