[Webkit-unassigned] [Bug 188568] [GTK][WPE] Implement subprocess sandboxing
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Sep 30 09:48:14 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=188568
--- Comment #85 from youenn fablet <youennf at gmail.com> ---
Comment on attachment 350781
--> https://bugs.webkit.org/attachment.cgi?id=350781
[GTK][WPE] Implement subprocess sandboxing
View in context: https://bugs.webkit.org/attachment.cgi?id=350781&action=review
> Source/WebKit/UIProcess/Launcher/ProcessLauncher.h:74
> +#endif
Why not using extraInitializationData instead?
> Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h:158
> + const String& resolvedLocalStorageDirectory() const { return m_resolvedConfiguration.localStorageDirectory; }
resolvedLocalStorageDirectory() does not seem used anywhere.
> Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h:159
> +
Extra line.
> Source/WebKit/UIProcess/glib/NetworkProcessProxyGLib.cpp:35
> + launchOptions.extraSandboxPaths.append(store.resolvedNetworkCacheDirectory());
Do you need this at the moment of creating the process?
Or can the UIProcess pass a sandbox extension to the NetworkProcess at a later point?
One potential issue is that the NetworkProcess might need to handle several sessions, hence several WebsiteDataStores, hence several network cache directories.
> Source/WebKit/UIProcess/glib/StorageProcessProxyGLib.cpp:35
> + WebsiteDataStore& store = m_processPool.websiteDataStore()->websiteDataStore();
s/WebsiteDataStore/auto/
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180930/bb780ac6/attachment.html>
More information about the webkit-unassigned
mailing list