[Mac][WK2] Tighten Keychain directory access
authorbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 13 Dec 2016 22:56:28 +0000 (22:56 +0000)
committerbfulgham@apple.com <bfulgham@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 13 Dec 2016 22:56:28 +0000 (22:56 +0000)
commitcd3ab904b1504586474afcfe3762068df04ddebf
tree701481d97acd3159ce34e33c0030f4c61312259d
parent7f1366f8e4b183cb75c070a292cc6ae24ab553f7
[Mac][WK2] Tighten Keychain directory access
https://bugs.webkit.org/show_bug.cgi?id=165818
<rdar://problem/16863857>

Reviewed by Anders Carlsson.

Lock down Keychain directory access to just the file-read-data, file-read-metadata, and
file-write-data operations we actually need.

* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
* PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:
* WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209779 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebKit2/ChangeLog
Source/WebKit2/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in
Source/WebKit2/PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in
Source/WebKit2/WebProcess/com.apple.WebProcess.sb.in