243056 – Remove inclusion of dyld related system sandbox

Bug 243056 - Remove inclusion of dyld related system sandbox

Summary: Remove inclusion of dyld related system sandbox

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	Safari 15
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Per Arne Vollan

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2022-07-21 08:01 PDT by Per Arne Vollan
Modified:	2022-07-21 13:23 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Per Arne Vollan 2022-07-21 08:01:31 PDT

Remove inclusion of dyld related system sandbox in WebKit sandboxes. Including system sandboxes can lead to sandbox regressions when these are changed. IAlso, most of the rules in this sandbox will not be applied, since we deny them later in the WebKit sandboxes. An example of this is the syscalls, which are all denied later in the sandbox before we add a whitelist.

Comment 1 Radar WebKit Bug Importer 2022-07-21 08:04:14 PDT

<rdar://problem/97380664>

Comment 2 Per Arne Vollan 2022-07-21 08:06:03 PDT

Pull request: https://github.com/WebKit/WebKit/pull/2617

Comment 3 EWS 2022-07-21 13:22:58 PDT

Committed 252702@main (e242d3a2d59f): <https://commits.webkit.org/252702@main>

Reviewed commits have been landed. Closing PR #2617 and removing active labels.