[iOS] Deny mach lookup access to view service in the WebContent process
authorpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 12 Feb 2020 18:40:04 +0000 (18:40 +0000)
committerpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 12 Feb 2020 18:40:04 +0000 (18:40 +0000)
commit220ffdf61df921c598c1c80b4783aec024cce82d
tree242fa1f84e21f207f905e5528daaf24082321a30
parentbb22f400dc55377c3058d55562ee57a0d9bcad95
[iOS] Deny mach lookup access to view service in the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=207487
Source/WebKit:

<rdar://problem/56995704>

Reviewed by Darin Adler.

As part of sandbox hardening, mach lookup access to com.apple.uikit.viewservice should be denied.

Test: fast/sandbox/ios/sandbox-mach-lookup.html

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

LayoutTests:

Reviewed by Darin Adler.

* fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
* fast/sandbox/ios/sandbox-mach-lookup.html:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@256450 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt
LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html
Source/WebKit/ChangeLog
Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb