Testing and telemetry indicates that we need access to the DNSSD mach service in our Network Process.
<rdar://problem/59158405>
Created attachment 389827 [details] Patch
Comment on attachment 389827 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=389827&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:95 > + (allow network-outbound (literal "/private/var/run/mDNSResponder")) > + (allow mach-lookup (global-name "com.apple.dnssd.service"))) ;; <rdar://problem/55562091> > + (begin > + (allow network-outbound (literal "/private/var/run/mDNSResponder")) > + (allow mach-lookup (global-name "com.apple.dnssd.service")))) ;; <rdar://problem/55562091> Should this be outside 'if gizmo?'?
Comment on attachment 389827 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=389827&action=review >> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:95 >> + (allow mach-lookup (global-name "com.apple.dnssd.service")))) ;; <rdar://problem/55562091> > > Should this be outside 'if gizmo?'? It is in the 'else' of the 'if gizmo?' clause, so it's correct.
Comment on attachment 389827 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=389827&action=review R=me. >>> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:95 >>> + (allow mach-lookup (global-name "com.apple.dnssd.service")))) ;; <rdar://problem/55562091> >> >> Should this be outside 'if gizmo?'? > > It is in the 'else' of the 'if gizmo?' clause, so it's correct. Ah, I see!
Comment on attachment 389827 [details] Patch Clearing flags on attachment: 389827 Committed r255852: <https://trac.webkit.org/changeset/255852>
All reviewed patches have been landed. Closing bug.