2011-04-07 Maciej Stachowiak <mjs@apple.com>
[WebKit.git] / Source / WebKit2 / WebProcess / com.apple.WebProcess.sb
index fcbabaf3b391b77466bbff7c90489e745aaaeda5..fb7869bffe5f8a329c057735ec34d02a22cd40fb 100644 (file)
    (global-name-regex #"^com\.apple\.qtkitserver\.")
 )
 
-;; FIXME: These rules are required until <rdar://problem/8448410> is addressed. See <rdar://problem/8349882> for discussion.
-(allow network-outbound)
-(deny network-outbound (regex ""))
-(deny network-outbound (local ip))
 (allow network-outbound
    ;; Local mDNSResponder for DNS, arbitrary outbound TCP
    (literal "/private/var/run/mDNSResponder")
 
 (allow network-outbound (remote ip))
 
-;; These rules are required while QTKitServer is being launched directly via posix_spawn (<rdar://problem/6912494>).
-(allow process-fork)
-(allow process-exec (literal "/System/Library/Frameworks/QTKit.framework/Versions/A/Resources/QTKitServer") (with no-sandbox))
-
 ;; FIXME: Once <rdar://problem/8900275> has been fixed, these rules can be removed.
 (allow mach-lookup (global-name "com.apple.pubsub.ipc"))
 (allow network-outbound (regex #"^/private/tmp/launch-[^/]+/Render"))