| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
| 6 | 6 |
| 7 #include "base/file_path.h" | 7 #include "base/file_path.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
| 10 #include "base/platform_file.h" | 10 #include "base/platform_file.h" |
| (...skipping 342 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 353 state->second->RevokeAllPermissionsForFile(file); | 353 state->second->RevokeAllPermissionsForFile(file); |
| 354 } | 354 } |
| 355 | 355 |
| 356 void ChildProcessSecurityPolicyImpl::GrantReadFileSystem( | 356 void ChildProcessSecurityPolicyImpl::GrantReadFileSystem( |
| 357 int child_id, const std::string& filesystem_id) { | 357 int child_id, const std::string& filesystem_id) { |
| 358 GrantPermissionsForFileSystem(child_id, filesystem_id, kReadFilePermissions); | 358 GrantPermissionsForFileSystem(child_id, filesystem_id, kReadFilePermissions); |
| 359 } | 359 } |
| 360 | 360 |
| 361 void ChildProcessSecurityPolicyImpl::GrantReadWriteFileSystem( | 361 void ChildProcessSecurityPolicyImpl::GrantReadWriteFileSystem( |
| 362 int child_id, const std::string& filesystem_id) { | 362 int child_id, const std::string& filesystem_id) { |
| 363 fileapi::IsolatedContext::GetInstance()->SetWritable(filesystem_id, true); |
| 363 GrantPermissionsForFileSystem(child_id, filesystem_id, | 364 GrantPermissionsForFileSystem(child_id, filesystem_id, |
| 364 kReadFilePermissions | | 365 kReadFilePermissions | |
| 365 kWriteFilePermissions); | 366 kWriteFilePermissions); |
| 366 } | 367 } |
| 367 | 368 |
| 368 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id, | 369 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id, |
| 369 const std::string& scheme) { | 370 const std::string& scheme) { |
| 370 base::AutoLock lock(lock_); | 371 base::AutoLock lock(lock_); |
| 371 | 372 |
| 372 SecurityStateMap::iterator state = security_state_.find(child_id); | 373 SecurityStateMap::iterator state = security_state_.find(child_id); |
| (...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 565 int child_id, | 566 int child_id, |
| 566 const std::string& filesystem_id, | 567 const std::string& filesystem_id, |
| 567 int permission) { | 568 int permission) { |
| 568 base::AutoLock lock(lock_); | 569 base::AutoLock lock(lock_); |
| 569 | 570 |
| 570 SecurityStateMap::iterator state = security_state_.find(child_id); | 571 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 571 if (state == security_state_.end()) | 572 if (state == security_state_.end()) |
| 572 return false; | 573 return false; |
| 573 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); | 574 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); |
| 574 } | 575 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10540070:
Make Isolated file system writable only if it is configured so (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src