[iOS] Remove unneeded accessibility-related sandbox rules

https://bugs.webkit.org/show_bug.cgi?id=181619 <rdar://problem/36485356> Reviewed by Eric Carlson. Remove a number of sandbox exceptions that were in place for accessibility support. These are not needed in the WebContent process, since Safari (not WebKit) handles the accessibility interactions. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb: Canonical link: https://commits.webkit.org/197478@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226926 268f45cc-cd09-0410-ab3c-d52691b4dbfc
WebKit · Jan 13, 2018 · 8441c1c0891267841e887add9711e4f95f3a83bb · 8441c1c
1 parent d166b82
commit 8441c1c0891267841e887add9711e4f95f3a83bb
Showing with 23 additions and 20 deletions.

+14 −0 Source/WebKit/ChangeLog

+9 −20 Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
@@ -1,3 +1,17 @@
+2018-01-12  Brent Fulgham  <bfulgham@apple.com>
+
+        [iOS] Remove unneeded accessibility-related sandbox rules
+        https://bugs.webkit.org/show_bug.cgi?id=181619
+        <rdar://problem/36485356>
+
+        Reviewed by Eric Carlson.
+
+        Remove a number of sandbox exceptions that were in place for accessibility support. These are
+        not needed in the WebContent process, since Safari (not WebKit) handles the accessibility
+        interactions.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
 2018-01-12  Keith Rollin  <krollin@apple.com>
 
         Logged JSON should escape "'s and \'s in strings.

diff --git a/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb b/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
@@ -1,4 +1,4 @@
-; Copyright (C) 2010-2017 Apple Inc. All rights reserved.
+; Copyright (C) 2010-2018 Apple Inc. All rights reserved.
 ;
 ; Redistribution and use in source and binary forms, with or without
 ; modification, are permitted provided that the following conditions
@@ -72,18 +72,7 @@
 
 ;; Various Accessibility services.
 (allow mach-lookup
-    (xpc-service-name "com.apple.accessibility.AccessibilityUIServer"))
-
-;; Guided Access support (<rdar://problem/11683460>).
-(allow mach-lookup
-    (global-name "com.apple.accessibility.gax.backboard"))
-(allow mach-register
-    (local-name "com.apple.accessibility.gax.client"))
-
-;; AssistiveTouch
-;; <rdar://problem/11800071> sandbox error for remote message services when AssistiveTouch is running
-(allow mach-lookup
-    (global-name "UIASTNotificationCenter"))
+    (xpc-service-name "com.apple.accessibility.AccessibilityUIServer")) ; Needed for Zoom focus updates
 
 ;; ZoomTouch
 ;; <rdar://problem/11823957>
@@ -94,18 +83,18 @@
 ;; <rdar://problem/12030530> AX: Sandbox violation with changing Language while VO is on
 ;; and <rdar://problem/13071747>
 (mobile-preferences-read
-    "com.apple.SpeakSelection"
-    "com.apple.VoiceOverTouch"
-    "com.apple.voiceservices")
+    "com.apple.SpeakSelection") ; Needed for WebSpeech
+
 (allow mach-lookup
     (global-name "com.apple.audio.AudioComponentPrefs")
     (global-name "com.apple.audio.AudioComponentRegistrar")
-    (global-name "com.apple.audio.AudioQueueServer")
-    (global-name "com.apple.voiceservices.keepalive")
-    (global-name "com.apple.voiceservices.tts"))
+    (global-name "com.apple.audio.AudioQueueServer"))
+
 (allow mach-register
-    (local-name "com.apple.iphone.axserver"))
+    (local-name "com.apple.iphone.axserver")) ; Needed for Application Accessibility
+
 ;; <rdar://problem/14555119> Access to high quality speech voices
+;; Needed for WebSpeech
 (allow file-read*
     (home-subpath "/Library/VoiceServices/Assets")
     (home-subpath "/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice"))