Bug 238041

Summary: Sandbox: Remove telemetry in Network Process sandbox macOS
Product: WebKit Reporter: Adam Mazander <mazander>
Component: WebKit Misc.Assignee: Adam Mazander <mazander>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, ggaren, mazander, pvollan
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Mac (Apple Silicon)   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch
none
Patch none

Description Adam Mazander 2022-03-17 13:07:13 PDT 
We have enough data, removing telemetry
Comment 1 Adam Mazander 2022-03-17 13:09:02 PDT 
<rdar://90448244>
Comment 2 Adam Mazander 2022-03-17 13:14:28 PDT 
Created attachment 455013 [details]
Patch
Comment 3 Adam Mazander 2022-03-17 13:35:20 PDT 
Created attachment 455018 [details]
Patch
Comment 4 Adam Mazander 2022-03-17 13:59:36 PDT 
Created attachment 455024 [details]
Patch
Comment 5 Per Arne Vollan 2022-03-17 14:03:00 PDT 
Comment on attachment 455024 [details]
Patch

R=me.
Comment 6 Per Arne Vollan 2022-03-18 09:40:57 PDT 
Comment on attachment 455024 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455024&action=review

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:-57
> -(allow file-map-executable (with telemetry))

Removed one too many parentheses.

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:-165
> -(deny sysctl* (with telemetry))

Ditto.
Comment 7 Adam Mazander 2022-03-18 10:05:43 PDT 
adding back telemetry for file-map-executable
Comment 8 Adam Mazander 2022-03-18 10:13:18 PDT 
Created attachment 455106 [details]
Patch
Comment 9 Per Arne Vollan 2022-03-18 10:19:40 PDT 
Comment on attachment 455106 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455106&action=review

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:165
> -(deny sysctl* (with telemetry))
> +(deny sysctl* 

Missing parenthesis.

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:179
> +    (sysctl-name-prefix "net.routetable")))

Remove last parenthesis.
Comment 10 Adam Mazander 2022-03-18 12:57:23 PDT 
Created attachment 455127 [details]
Patch
Comment 11 Per Arne Vollan 2022-03-18 16:48:43 PDT 
Comment on attachment 455127 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455127&action=review

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:464
> -    (allow syscall-unix (with telemetry))
> +    (allow syscall-unix)

We may want to keep this a little longer.

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:594
> -            (allow mach-message-send (with telemetry)))))
> +            (allow mach-message-send ))))

Ditto.

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:597
> -    (allow syscall-mach (with report) (with telemetry))
> +    (allow syscall-mach (with report))

Ditto.
Comment 12 Adam Mazander 2022-03-18 17:10:42 PDT 
Created attachment 455153 [details]
Patch
Comment 13 Adam Mazander 2022-03-18 17:11:28 PDT 
added back syscall telemetry
Comment 14 Per Arne Vollan 2022-03-18 18:19:02 PDT 
Comment on attachment 455153 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455153&action=review

> Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:-597
> -    (allow syscall-mach (with report) (with telemetry))

There seems to be missing a paranthesis here.
Comment 15 Adam Mazander 2022-03-18 19:37:51 PDT 
Created attachment 455160 [details]
Patch
Comment 16 Adam Mazander 2022-03-18 19:40:19 PDT 
Fixed. Thanks.
Comment 17 Brent Fulgham 2022-03-21 10:31:57 PDT 
Comment on attachment 455160 [details]
Patch

r=me
Comment 18 EWS 2022-03-21 10:38:20 PDT 
Committed r291563 (248665@main): <https://commits.webkit.org/248665@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 455160 [details].