Bug 1576733 - Part 2 - Remove the Hardened Runtime AppleEvent entitlement r=spohl
authorHaik Aftandilian <haftandilian@mozilla.com>
Wed, 06 Nov 2019 04:45:03 +0000
changeset 500786 0cf565692fa17e124eb0b2a10b9547b307b8b7f5
parent 500785 cbb0f17943ae38fb9d602072aca336fb89429b40
child 500787 f2c17f2a388c97c41f16be6f944cd2aa776d3fd2
reviewersspohl
bugs1576733, 1570581
milestone72.0a1
Bug 1576733 - Part 2 - Remove the Hardened Runtime AppleEvent entitlement r=spohl Revert bug 1570581 by removing the AppleEvent entitlement from our hardened runtime configuration for both production and development. Now that native messaging helpers are started 'disclaimed' with a new attribution chain, the entitlement is not needed. Differential Revision: https://phabricator.services.mozilla.com/D48029
security/mac/hardenedruntime/developer.entitlements.xml
security/mac/hardenedruntime/production.entitlements.xml
--- a/security/mac/hardenedruntime/developer.entitlements.xml
+++ b/security/mac/hardenedruntime/developer.entitlements.xml
@@ -3,19 +3,17 @@
 <!--
      Entitlements to apply to the .app bundle and all executable files
      contained within it during codesigning of developer builds. These
      entitlements configure hardened runtime and allow debugging of the
      application. The com.apple.security.get-task-allow entitlement must be
      set to true to allow debuggers to attach to application processes but
      this prohibits notarization with the notary service. Aside from allowing
      debugging, these entitlements enable hardened runtime protections to the
-     extent possible for Firefox. Supporting binaries within the bundle could
-     use more restrictive entitlements, but they are launched by the main
-     Firefox process and therefore inherit the parent process entitlements.
+     extent possible for Firefox.
 -->
 <plist version="1.0">
   <dict>
     <!-- Firefox does not use MAP_JIT for executable mappings -->
     <key>com.apple.security.cs.allow-jit</key><false/>
 
     <!-- Firefox needs to create executable pages (without MAP_JIT) -->
     <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
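Review bot: The rewritten header comment on the `+` line still says these entitlements apply to the .app bundle "and all executable files contained within it", but with the inheritance sentence deleted the comment no longer explains why one entitlement set is applied to every binary in the bundle. If the reason is the disclaimed launch of native-messaging helpers described in the commit message (not visible in this hunk), a one-line pointer keeps that rationale discoverable for the next person who wants a narrower set for a helper, e.g. `Helper processes are launched disclaimed and do not inherit these entitlements; see bug 1576733.` The rest of the plist, including the remaining entitlements, is outside this hunk.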
@@ -36,18 +34,13 @@
     <!-- Firefox needs to access the microphone on sites the user allows -->
     <key>com.apple.security.device.audio-input</key><true/>
 
     <!-- Firefox needs to access the camera on sites the user allows -->
     <key>com.apple.security.device.camera</key><true/>
 
     <!-- Firefox needs to access the location on sites the user allows -->
     <key>com.apple.security.personal-information.location</key><true/>
-
-    <!-- Allow Firefox to send Apple events to other applications. Needed
-         for native messaging webextension helper applications launched by
-         Firefox which rely on Apple Events to signal other processes. -->
-    <key>com.apple.security.automation.apple-events</key><true/>
-
+    
     <!-- For SmartCardServices(7) -->
     <key>com.apple.security.smartcard</key><true/>
   </dict>
 </plist>
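Review bot: The added line immediately before the SmartCardServices comment is not an empty line but four trailing spaces (`+    `), replacing what was a bare blank line; it should be a plain empty line so whitespace linters and future diffs do not churn on it. Removing `com.apple.security.automation.apple-events` means any code still running inside the signed Firefox processes that sends Apple Events would presumably now be refused under the hardened runtime; the commit message says the native-messaging helpers are launched disclaimed, so this looks intended, but it is worth confirming no other bundled binary relied on the entitlement before it lands.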
--- a/security/mac/hardenedruntime/production.entitlements.xml
+++ b/security/mac/hardenedruntime/production.entitlements.xml
@@ -1,18 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <!--
      Entitlements to apply to the .app bundle and all executable files
      contained within it during codesigning of production channel builds that
      will be notarized. These entitlements enable hardened runtime protections
-     to the extent possible for Firefox. Some supporting binaries within the
-     bundle could use more restrictive entitlements, but they are launched by
-     the main Firefox process and therefore inherit the parent process
-     entitlements.
+     to the extent possible for Firefox.
 -->
 <plist version="1.0">
   <dict>
     <!-- Firefox does not use MAP_JIT for executable mappings -->
     <key>com.apple.security.cs.allow-jit</key><false/>
 
     <!-- Firefox needs to create executable pages (without MAP_JIT) -->
     <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
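Review bot: The shortened header comment now drops the only explanation of why every executable in the notarized bundle is signed with the same entitlement set, while still stating that the set applies to "all executable files contained within it". Since this is the production, notarized configuration, a short note recording the new model would help reviewers of later entitlement changes, e.g. `Helper processes are launched disclaimed and do not inherit these entitlements; see bug 1576733.` — hedged on the commit description, which is the only place that rationale currently lives. The remaining entitlement entries are outside this hunk.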
@@ -36,18 +33,13 @@
     <!-- Firefox needs to access the microphone on sites the user allows -->
     <key>com.apple.security.device.audio-input</key><true/>
 
     <!-- Firefox needs to access the camera on sites the user allows -->
     <key>com.apple.security.device.camera</key><true/>
 
     <!-- Firefox needs to access the location on sites the user allows -->
     <key>com.apple.security.personal-information.location</key><true/>
-
-    <!-- Allow Firefox to send Apple events to other applications. Needed
-         for native messaging webextension helper applications launched by
-         Firefox which rely on Apple Events to signal other processes. -->
-    <key>com.apple.security.automation.apple-events</key><true/>
-
+    
     <!-- For SmartCardServices(7) -->
     <key>com.apple.security.smartcard</key><true/>
   </dict>
 </plist>
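Review bot: The `+    ` line inserted before the SmartCardServices comment carries trailing spaces where the previous file had an empty line; use a bare blank line here, as in the rest of the file. Because this is the production entitlements file, the loss of `com.apple.security.automation.apple-events` takes effect on notarized builds, so it would be prudent to confirm (per the commit message's claim that helpers are started disclaimed) that no in-bundle code path still sends Apple Events from a Firefox process, since that would presumably be blocked by the hardened runtime rather than fail loudly at sign time.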