Remove unused com.apple.webkit.* rules from profiles
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 22 Jul 2014 21:25:24 +0000 (21:25 +0000)
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 22 Jul 2014 21:25:24 +0000 (21:25 +0000)
https://bugs.webkit.org/show_bug.cgi?id=135174
<rdar://17755931>

Reviewed by Anders Carlsson.

We never send these rules so we should just remove use of them
from the profiles.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@171363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb
Source/WebKit2/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb

index 545aac1..52ce088 100644 (file)
@@ -1,5 +1,19 @@
 2014-07-22  Oliver Hunt  <oliver@apple.com>
 
+        Remove unused com.apple.webkit.* rules from profiles
+        https://bugs.webkit.org/show_bug.cgi?id=135174
+        <rdar://17755931>
+
+        Reviewed by Anders Carlsson.
+
+        We never send these rules so we should just remove use of them
+        from the profiles.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
+2014-07-22  Oliver Hunt  <oliver@apple.com>
+
         Provide networking process with access to its HSTS db
         https://bugs.webkit.org/show_bug.cgi?id=135121
         <rdar://17654369>
index 0412415..861266d 100644 (file)
 (import "common.sb")
 (import "removed-dev-nodes.sb")
 
-;; Sandbox extensions
-(allow file-read* (extension "com.apple.webkit.read"))
-
 ;; Access to client's cache folder & re-vending to CFNetwork.
 ;; FIXME: Remove the webkti specific extension classes <rdar://problem/17755931>
 (allow file-issue-extension (require-all
-    (require-any (extension "com.apple.webkit.read-write") (extension "com.apple.app-sandbox.read-write"))
+    (extension "com.apple.app-sandbox.read-write")
     (extension-class "com.apple.nsurlstorage.extension-cache")))
 
 ;; App sandbox extensions
 (allow file-read* file-write* (extension "com.apple.app-sandbox.read-write"))
 
-;; Access to own cache & temp folders.
-(allow file-read* file-write* (extension "com.apple.webkit.read-write"))
-
 ;; IOKit user clients
 (allow iokit-open
        (iokit-user-client-class "RootDomainUserClient"))
index 9a89dec..a6ca8a0 100644 (file)
 (read-only-and-issue-extensions (extension "com.apple.app-sandbox.read"))
 (read-write-and-issue-extensions (extension "com.apple.app-sandbox.read-write"))
 
-(allow file-issue-extension
-    (require-all
-        (extension-class "com.apple.webkit.read")
-        (require-any
-            (extension "com.apple.app-sandbox.read")
-            (extension "com.apple.app-sandbox.read-write"))))
-
-
 ;; Access to client's cache folder & re-vending to CFNetwork.
 ;; FIXME: Remove the webkti specific extension classes <rdar://problem/17755931>
 (allow file-issue-extension (require-all
-    (require-any (extension "com.apple.webkit.read-write") (extension "com.apple.app-sandbox.read-write"))
+    (extension "com.apple.app-sandbox.read-write")
     (extension-class "com.apple.nsurlstorage.extension-cache")))
 
-;; Access to own cache & temp folders.
-(allow file-read* (extension "com.apple.webkit.read"))
-(allow file-read* file-write* (extension "com.apple.webkit.read-write"))
-
-
 ;; Allow the OpenGL Profiler to attach.
 (instruments-support)    ; For <rdar://problem/7931952>