[webkit-reviews] review denied: [Bug 211446] [Cocoa] Block preference services without using CFPrefs direct mode : [Attachment 398516] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat May 9 17:14:34 PDT 2020


Darin Adler <darin at apple.com> has denied Per Arne Vollan <pvollan at apple.com>'s
request for review:
Bug 211446: [Cocoa] Block preference services without using CFPrefs direct mode
https://bugs.webkit.org/show_bug.cgi?id=211446

Attachment 398516: Patch

https://bugs.webkit.org/attachment.cgi?id=398516&action=review




--- Comment #6 from Darin Adler <darin at apple.com> ---
Comment on attachment 398516
  --> https://bugs.webkit.org/attachment.cgi?id=398516
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=398516&action=review

>>> Source/WebKit/ChangeLog:10
>>> +	     extensions, then perform a dummy preference request to map
preferences into memory, and finally revoke the extensions. The WebContent
>> 
>> How does revoking the extension achieve our security goal? 
>> 
>> My understanding is that, if we consume a sandbox extension to
>> "com.apple.cfprefsd.agent" and "com.apple.cfprefsd.daemon", and then connect to
>> them, and then revoke the extension, we will end up with an open connection to
>> these daemons. If so, revoking the extensions will prevent new connections from
>> being made, but will not close the existing connections, which can still be
>> used to send malicious messages.
> 
> Ah, good catch! This patch is invalid, then.

Setting review- based on this exchange.
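
The point raised in the exchange above, shown with a POSIX analogy as an added example (not code from the WebKit patch or from anyone in this thread). Assumptions made for illustration: a Unix domain socket path stands in for the cfprefsd service name, and unlinking that path stands in for revoking the sandbox extension.

```python
import os
import socket
import tempfile
import threading


def serve_one(listener):
    """Stand-in service: accept one client and echo its messages upper-cased."""
    conn, _ = listener.accept()
    with conn:
        while data := conn.recv(1024):
            conn.sendall(data.upper())


def demo():
    """Return (reply_before_revoke, reply_after_revoke, new_connect_allowed)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "prefs.sock")  # constructed stand-in for the service name
        listener = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        listener.bind(path)
        listener.listen()
        server = threading.Thread(target=serve_one, args=(listener,))
        server.start()

        # "Consume the extension and connect": the name resolves, so connect succeeds.
        client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        client.connect(path)
        client.sendall(b"warm-up read")
        before = client.recv(1024)

        # "Revoke": from here on the name can no longer be resolved.
        os.unlink(path)

        # The access check happens at connect time, so a new connection is refused...
        probe = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        try:
            probe.connect(path)
            new_allowed = True
        except OSError:
            new_allowed = False
        finally:
            probe.close()

        # ...but the descriptor obtained before the revoke still reaches the service.
        client.sendall(b"message after revoke")
        after = client.recv(1024)

        client.close()   # only closing the existing connection ends the channel
        server.join()
        listener.close()
        return before, after, new_allowed
```

In this analogy the service still answers the second message, so a revoke step only reduces exposure if the already-open connection is also closed or the service re-checks authorization per message.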