[iOS] Deny mach lookup access to the tccd service in the WebContent process
authorpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 11 Feb 2020 22:22:23 +0000 (22:22 +0000)
committerpvollan@apple.com <pvollan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 11 Feb 2020 22:22:23 +0000 (22:22 +0000)
https://bugs.webkit.org/show_bug.cgi?id=207488

Reviewed by Darin Adler.

Source/WebKit:

As part of sandbox hardening, deny mach lookup access to the tccd service.

Test: fast/sandbox/ios/sandbox-mach-lookup.html

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

LayoutTests:

* fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
* fast/sandbox/ios/sandbox-mach-lookup.html:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@256371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/fast/sandbox/ios/sandbox-mach-lookup-expected.txt
LayoutTests/fast/sandbox/ios/sandbox-mach-lookup.html
Source/WebKit/ChangeLog
Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb

index 3b48e58..8ad64c5 100644 (file)
@@ -1,3 +1,13 @@
+2020-02-11  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Deny mach lookup access to the tccd service in the WebContent process
+        https://bugs.webkit.org/show_bug.cgi?id=207488
+
+        Reviewed by Darin Adler.
+
+        * fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
+        * fast/sandbox/ios/sandbox-mach-lookup.html:
+
 2020-02-11  Jason Lawrence  <lawrence.j@apple.com>
 
         [ iOS wk2 ] http/wpt/beacon/cors/crossorigin-arraybufferview-no-preflight.html is flaky failing.
index f98bb7c..b735658 100644 (file)
@@ -17,4 +17,4 @@ PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebConte
 PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.powerlog.plxpclogger.xpc") is false
 PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.system.logger") is false
 PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.aggregated") is false
-
+PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.tccd") is false
index d520f2e..8bb5230 100644 (file)
@@ -20,6 +20,7 @@ if (window.internals) {
     shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.powerlog.plxpclogger.xpc\")");
     shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.system.logger\")");
     shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.aggregated\")");
+    shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.tccd\")");
 }
 </script>
 </head>
index a8ef4c8..c3302c3 100644 (file)
@@ -1,3 +1,16 @@
+2020-02-11  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Deny mach lookup access to the tccd service in the WebContent process
+        https://bugs.webkit.org/show_bug.cgi?id=207488
+
+        Reviewed by Darin Adler.
+
+        As part of sandbox hardening, deny mach lookup access to the tccd service.
+
+        Test: fast/sandbox/ios/sandbox-mach-lookup.html
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
 2020-02-11  Eric Carlson  <eric.carlson@apple.com>
 
         Support in-band VTT captions when loading media in the GPU Process
index 5535bfd..2786a55 100644 (file)
     (global-name "com.apple.cfprefsd.daemon"))
 
 (allow mach-lookup (with report) (with telemetry)
-    (global-name "com.apple.distributed_notifications@1v3")
-    (global-name "com.apple.tccd"))
+    (global-name "com.apple.distributed_notifications@1v3"))
 
 (allow ipc-posix-shm-read*
        (ipc-posix-name-prefix "apple.cfprefs."))