[webkit-reviews] review denied: [Bug 211120] Delay SystemStatus call from process launch to when being useful : [Attachment 397831] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 28 06:56:08 PDT 2020
Geoffrey Garen <ggaren at apple.com> has denied youenn fablet
<youennf at gmail.com>'s request for review:
Bug 211120: Delay SystemStatus call from process launch to when being useful
https://bugs.webkit.org/show_bug.cgi?id=211120
Attachment 397831: Patch
https://bugs.webkit.org/attachment.cgi?id=397831&action=review
--- Comment #3 from Geoffrey Garen <ggaren at apple.com> ---
Comment on attachment 397831
--> https://bugs.webkit.org/attachment.cgi?id=397831
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=397831&action=review
>
Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:178
> + (allow mach-lookup (global-name
"com.apple.systemstatus.activityattribution"))
Sorry, I should have realized this earlier — I don’t think we can take this
approach. Since we’re no loner calling the status function on startup, this
patch has to include an unsafe privileged service in the sandbox. That’s a
pretty serious sandbox regression relative to all the work we’ve done lately. I
don’t think that’s ok.
I guess we need to talk to the systemstatus and integration folks to find some
way forward that allows strong linking.
More information about the webkit-reviews
mailing list