Bug 1576733 - Part 2 - Remove the Hardened Runtime AppleEvent entitlement r=spohl
☠☠ backed out by 47f54345d704 ☠ ☠
author: Haik Aftandilian <haftandilian@mozilla.com>
Tue, 05 Nov 2019 17:42:09 +0000
changeset: 500692 12df7898b0eee9b11ed6189769f2a6199d93d4e1
parent: 500691 4ab691bf4228cb145501c18e766b4c22bf8437c4
child: 500693 08e402640f7e00dcdf86b194c1eaa6c07b01626f
push id: 114166
push user: apavel@mozilla.com
push date: Thu, 07 Nov 2019 10:04:01 +0000
reviewers: spohl
bugs: 1576733, 1570581
milestone: 72.0a1
Bug 1576733 - Part 2 - Remove the Hardened Runtime AppleEvent entitlement r=spohl

Revert bug 1570581 by removing the AppleEvent entitlement from our hardened runtime configuration for both production and development. Now that native messaging helpers are started 'disclaimed' with a new attribution chain, the entitlement is not needed.

Differential Revision: https://phabricator.services.mozilla.com/D48029
security/mac/hardenedruntime/developer.entitlements.xml
security/mac/hardenedruntime/production.entitlements.xml
--- a/security/mac/hardenedruntime/developer.entitlements.xml
+++ b/security/mac/hardenedruntime/developer.entitlements.xml
@@ -3,19 +3,17 @@
 <!--
      Entitlements to apply to the .app bundle and all executable files
      contained within it during codesigning of developer builds. These
      entitlements configure hardened runtime and allow debugging of the
      application. The com.apple.security.get-task-allow entitlement must be
      set to true to allow debuggers to attach to application processes but
      this prohibits notarization with the notary service. Aside from allowing
      debugging, these entitlements enable hardened runtime protections to the
-     extent possible for Firefox. Supporting binaries within the bundle could
-     use more restrictive entitlements, but they are launched by the main
-     Firefox process and therefore inherit the parent process entitlements.
+     extent possible for Firefox.
 -->
 <plist version="1.0">
   <dict>
     <!-- Firefox does not use MAP_JIT for executable mappings -->
     <key>com.apple.security.cs.allow-jit</key><false/>
 
     <!-- Firefox needs to create executable pages (without MAP_JIT) -->
     <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
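Review bot: the header comment loses its only statement about how supporting binaries in the bundle relate to these entitlements (the removed lines "Supporting binaries within the bundle could use more restrictive entitlements, but they are launched by the main Firefox process and therefore inherit the parent process entitlements"). Since the commit message says the native messaging helpers are now started 'disclaimed' with a new attribution chain, consider replacing the deleted sentence with one line saying so, so that a future reader of this file knows why the apple-events entitlement is absent and why the bundle-wide entitlements no longer need to cover the helpers.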
@@ -36,18 +34,13 @@
     <!-- Firefox needs to access the microphone on sites the user allows -->
     <key>com.apple.security.device.audio-input</key><true/>
 
     <!-- Firefox needs to access the camera on sites the user allows -->
     <key>com.apple.security.device.camera</key><true/>
 
     <!-- Firefox needs to access the location on sites the user allows -->
     <key>com.apple.security.personal-information.location</key><true/>
-
-    <!-- Allow Firefox to send Apple events to other applications. Needed
-         for native messaging webextension helper applications launched by
-         Firefox which rely on Apple Events to signal other processes. -->
-    <key>com.apple.security.automation.apple-events</key><true/>
-
+    
     <!-- For SmartCardServices(7) -->
     <key>com.apple.security.smartcard</key><true/>
   </dict>
 </plist>
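Review bot: the line added in place of the removed block is "+    " (four spaces) rather than an empty line, which leaves trailing whitespace in the plist and makes the diff noisier than the removal needs to be; drop the whitespace so the line reads as the blank separator the surrounding entries use. The removal itself matches the commit message: no other entry in this hunk references com.apple.security.automation.apple-events, so nothing else in the file depends on it.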
--- a/security/mac/hardenedruntime/production.entitlements.xml
+++ b/security/mac/hardenedruntime/production.entitlements.xml
@@ -1,18 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <!--
      Entitlements to apply to the .app bundle and all executable files
      contained within it during codesigning of production channel builds that
      will be notarized. These entitlements enable hardened runtime protections
-     to the extent possible for Firefox. Some supporting binaries within the
-     bundle could use more restrictive entitlements, but they are launched by
-     the main Firefox process and therefore inherit the parent process
-     entitlements.
+     to the extent possible for Firefox.
 -->
 <plist version="1.0">
   <dict>
     <!-- Firefox does not use MAP_JIT for executable mappings -->
     <key>com.apple.security.cs.allow-jit</key><false/>
 
     <!-- Firefox needs to create executable pages (without MAP_JIT) -->
     <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
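Review bot: same documentation point as for developer.entitlements.xml: the deleted sentence was the only place this header explained the relationship between the main process entitlements and the supporting binaries, and the two header comments are otherwise kept in step, so whatever replacement wording is chosen for the developer file should be mirrored here to keep the two files from drifting.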
@@ -36,18 +33,13 @@
     <!-- Firefox needs to access the microphone on sites the user allows -->
     <key>com.apple.security.device.audio-input</key><true/>
 
     <!-- Firefox needs to access the camera on sites the user allows -->
     <key>com.apple.security.device.camera</key><true/>
 
     <!-- Firefox needs to access the location on sites the user allows -->
     <key>com.apple.security.personal-information.location</key><true/>
-
-    <!-- Allow Firefox to send Apple events to other applications. Needed
-         for native messaging webextension helper applications launched by
-         Firefox which rely on Apple Events to signal other processes. -->
-    <key>com.apple.security.automation.apple-events</key><true/>
-
+    
     <!-- For SmartCardServices(7) -->
     <key>com.apple.security.smartcard</key><true/>
   </dict>
 </plist>
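Review bot: as in the developer file, the "+    " line introduced in place of the removed entitlement carries trailing whitespace and should be an empty line. Because this file feeds the notarized production builds, it is also worth confirming after signing that the key is really gone from the signed bundle, e.g. with `codesign -d --entitlements :- <path to Firefox.app>` and checking that com.apple.security.automation.apple-events no longer appears in the output.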