[Webkit-unassigned] [Bug 193571] [GTK][WPE] Add API to add paths to sandbox

bugzilla-daemon at webkit.org
Fri Jan 25 10:13:56 PST 2019


https://bugs.webkit.org/show_bug.cgi?id=193571

--- Comment #43 from Patrick Griffis <pgriffis at igalia.com> ---
(In reply to youenn fablet from comment #42)
> > As long as WebExtensions exist which run arbitrary user provided code inside
> > the sandbox, applications will want to add custom paths to the sandbox for
> > various functionality. A simple example is Epiphany stores adblock data that
> > the web process has to read. This data does not fall under any normal WebKit
> > directories.
> 
> In that particular case, the UIProcess could open this adblock data file and
> pass the file handle to the WebProcess. The WebProcess could then read the
> content (or if not feasible, the content would be sent through IPC either
> raw or processed).

Yes, but it can get out of hand: what if you want the ability to write arbitrary
cache files to a private directory? I also think for that plan to be realistic
WebKitGTK needs to grow new APIs to easily expose private IPC (DBus), as I believe
the WebKit IPC exposed is only one-way (correct me if I'm wrong).

> Given JavaScript is run in WebProcess, I am not sure it is safe for
> arbitrary user provided code to run in it and provide privileges to enable
> it to run.

The goal is certainly to minimize it, but the example of an adblocker is entirely
safe to run in that context IMO. Yes, the application must understand that adding
directories increases risk.

-- 
You are receiving this mail because:
You are the assignee for the bug.
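
Added example, not part of the original message and not WebKit code: the alternative raised in the quoted reply (a privileged process opens the file and passes the handle, so no path is added to the sandbox), shown with plain POSIX `SCM_RIGHTS` descriptor passing. The names `send_fd`, `recv_fd` and `demo_handoff`, the temporary file and its one-line content are constructed for illustration; the child process only stands in for a sandboxed WebProcess and is not actually sandboxed here.

```c
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
typedef union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } fd_ctl;

/* Privileged side: hand an already-open descriptor to the peer (SCM_RIGHTS). */
static int send_fd(int sock, int fd) {
    char byte = 'F'; fd_ctl ctl; memset(&ctl, 0, sizeof ctl);
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Restricted side: accept one descriptor; -1 if the message carried none. */
static int recv_fd(int sock) {
    char byte; int fd; fd_ctl ctl;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Constructed demo: parent plays the UIProcess, child the WebProcess. 0 = success. */
int demo_handoff(void) {
    char path[] = "/tmp/adblock-demo-XXXXXX", buf[32] = {0};
    int sv[2], tmp = mkstemp(path), status = -1;
    if (tmp < 0 || write(tmp, "||ads.example^\n", 15) != 15 || close(tmp)) return -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    pid_t pid = fork();
    if (pid == 0) {   /* child never uses the path; it only gets the handle */
        close(sv[0]); int fd = recv_fd(sv[1]);
        _exit(fd >= 0 && read(fd, buf, 31) == 15 && !strcmp(buf, "||ads.example^\n")
              && write(fd, "x", 1) < 0 ? 0 : 1);   /* read-only handle: write fails */
    }
    int fd = open(path, O_RDONLY), rc = send_fd(sv[0], fd);
    close(fd); close(sv[0]); unlink(path); waitpid(pid, &status, 0);
    return rc == 0 && WIFEXITED(status) && WEXITSTATUS(status) == 0 ? 0 : -1;
}
```

The receiver gets exactly the access mode the sender opened the file with, which is why the write through the `O_RDONLY` handle fails; this covers the read-only data file case, not the writable private cache directory raised in the reply.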