OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <set> | 5 #include <set> |
6 #include <string> | 6 #include <string> |
7 | 7 |
8 #include "base/basictypes.h" | 8 #include "base/basictypes.h" |
9 #include "base/file_path.h" | 9 #include "base/file_path.h" |
10 #include "base/platform_file.h" | 10 #include "base/platform_file.h" |
(...skipping 329 matching lines...)
340 p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/"))); | 340 p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/"))); |
341 EXPECT_TRUE(p->CanReadFile(kRendererID, | 341 EXPECT_TRUE(p->CanReadFile(kRendererID, |
342 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); | 342 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
343 EXPECT_FALSE(p->CanReadDirectory(kRendererID, | 343 EXPECT_FALSE(p->CanReadDirectory(kRendererID, |
344 FilePath(FILE_PATH_LITERAL("/etc/")))); | 344 FilePath(FILE_PATH_LITERAL("/etc/")))); |
345 | 345 |
346 p->Remove(kRendererID); | 346 p->Remove(kRendererID); |
347 } | 347 } |
348 | 348 |
349 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) { | 349 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) { |
| 350 FilePath file = FilePath(FILE_PATH_LITERAL("/home/joe")); |
| 351 FilePath sibling_file = FilePath(FILE_PATH_LITERAL("/home/bob")); |
| 352 FilePath child_file = FilePath(FILE_PATH_LITERAL("/home/joe/file")); |
| 353 FilePath parent_file = FilePath(FILE_PATH_LITERAL("/home")); |
| 354 FilePath parent_slash_file = FilePath(FILE_PATH_LITERAL("/home/")); |
| 355 FilePath evil_file = FilePath( |
| 356 FILE_PATH_LITERAL("/home/joe/../../etc/passwd")); |
| 357 |
350 ChildProcessSecurityPolicyImpl* p = | 358 ChildProcessSecurityPolicyImpl* p = |
351 ChildProcessSecurityPolicyImpl::GetInstance(); | 359 ChildProcessSecurityPolicyImpl::GetInstance(); |
352 | 360 |
353 // Grant permissions for a file. | 361 // Grant permissions for a file. |
354 p->Add(kRendererID); | 362 p->Add(kRendererID); |
355 FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd")); | |
356 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 363 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
357 base::PLATFORM_FILE_OPEN)); | 364 base::PLATFORM_FILE_OPEN)); |
358 | 365 |
359 p->GrantPermissionsForFile(kRendererID, file, | 366 p->GrantPermissionsForFile(kRendererID, file, |
360 base::PLATFORM_FILE_OPEN | | 367 base::PLATFORM_FILE_OPEN | |
361 base::PLATFORM_FILE_OPEN_TRUNCATED | | 368 base::PLATFORM_FILE_OPEN_TRUNCATED | |
362 base::PLATFORM_FILE_READ | | 369 base::PLATFORM_FILE_READ | |
363 base::PLATFORM_FILE_WRITE); | 370 base::PLATFORM_FILE_WRITE); |
364 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, | 371 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
365 base::PLATFORM_FILE_OPEN | | 372 base::PLATFORM_FILE_OPEN | |
366 base::PLATFORM_FILE_OPEN_TRUNCATED | | 373 base::PLATFORM_FILE_OPEN_TRUNCATED | |
367 base::PLATFORM_FILE_READ | | 374 base::PLATFORM_FILE_READ | |
368 base::PLATFORM_FILE_WRITE)); | 375 base::PLATFORM_FILE_WRITE)); |
369 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, | 376 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
370 base::PLATFORM_FILE_OPEN | | 377 base::PLATFORM_FILE_OPEN | |
371 base::PLATFORM_FILE_READ)); | 378 base::PLATFORM_FILE_READ)); |
372 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 379 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
373 base::PLATFORM_FILE_CREATE)); | 380 base::PLATFORM_FILE_CREATE)); |
374 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 381 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
375 base::PLATFORM_FILE_CREATE | | 382 base::PLATFORM_FILE_CREATE | |
376 base::PLATFORM_FILE_OPEN_TRUNCATED | | 383 base::PLATFORM_FILE_OPEN_TRUNCATED | |
377 base::PLATFORM_FILE_READ | | 384 base::PLATFORM_FILE_READ | |
378 base::PLATFORM_FILE_WRITE)); | 385 base::PLATFORM_FILE_WRITE)); |
| 386 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, sibling_file, |
| 387 base::PLATFORM_FILE_OPEN | |
| 388 base::PLATFORM_FILE_READ)); |
| 389 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, parent_file, |
| 390 base::PLATFORM_FILE_OPEN | |
| 391 base::PLATFORM_FILE_READ)); |
| 392 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, child_file, |
| 393 base::PLATFORM_FILE_OPEN | |
| 394 base::PLATFORM_FILE_READ)); |
| 395 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, evil_file, |
| 396 base::PLATFORM_FILE_OPEN | |
| 397 base::PLATFORM_FILE_READ)); |
379 p->Remove(kRendererID); | 398 p->Remove(kRendererID); |
380 | 399 |
381 // Grant permissions for the directory the file is in. | 400 // Grant permissions for the directory the file is in. |
382 p->Add(kRendererID); | 401 p->Add(kRendererID); |
383 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 402 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
384 base::PLATFORM_FILE_OPEN)); | 403 base::PLATFORM_FILE_OPEN)); |
385 p->GrantPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc")), | 404 p->GrantPermissionsForFile(kRendererID, parent_file, |
386 base::PLATFORM_FILE_OPEN | | 405 base::PLATFORM_FILE_OPEN | |
387 base::PLATFORM_FILE_READ); | 406 base::PLATFORM_FILE_READ); |
388 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, | 407 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
389 base::PLATFORM_FILE_OPEN)); | 408 base::PLATFORM_FILE_OPEN)); |
390 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 409 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
391 base::PLATFORM_FILE_READ | | 410 base::PLATFORM_FILE_READ | |
392 base::PLATFORM_FILE_WRITE)); | 411 base::PLATFORM_FILE_WRITE)); |
393 p->Remove(kRendererID); | 412 p->Remove(kRendererID); |
394 | 413 |
395 // Grant permissions for the directory the file is in (with trailing '/'). | 414 // Grant permissions for the directory the file is in (with trailing '/'). |
396 p->Add(kRendererID); | 415 p->Add(kRendererID); |
397 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 416 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
398 base::PLATFORM_FILE_OPEN)); | 417 base::PLATFORM_FILE_OPEN)); |
399 p->GrantPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")), | 418 p->GrantPermissionsForFile(kRendererID, parent_slash_file, |
400 base::PLATFORM_FILE_OPEN | | 419 base::PLATFORM_FILE_OPEN | |
401 base::PLATFORM_FILE_READ); | 420 base::PLATFORM_FILE_READ); |
402 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, | 421 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
403 base::PLATFORM_FILE_OPEN)); | 422 base::PLATFORM_FILE_OPEN)); |
404 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 423 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
405 base::PLATFORM_FILE_READ | | 424 base::PLATFORM_FILE_READ | |
406 base::PLATFORM_FILE_WRITE)); | 425 base::PLATFORM_FILE_WRITE)); |
407 | 426 |
408 // Grant permissions for the file (should overwrite the permissions granted | 427 // Grant permissions for the file (should overwrite the permissions granted |
409 // for the directory). | 428 // for the directory). |
(...skipping 76 matching lines...)
486 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 505 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
487 // prepared to answer policy questions about renderers who no longer exist. | 506 // prepared to answer policy questions about renderers who no longer exist. |
488 | 507 |
489 // In this case, we default to secure behavior. | 508 // In this case, we default to secure behavior. |
490 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 509 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
491 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); | 510 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
492 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 511 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
493 } | 512 } |
494 | 513 |
495 } // namespace content | 514 } // namespace content |
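Review bot: The negative cases added to FilePermissions (new lines 386-397) would not catch a permission check that matches the granted path as a raw string prefix instead of by path component, because `sibling_file` (`/home/bob`) shares no string prefix with the granted `/home/joe`. Declaring a further path such as `FilePath(FILE_PATH_LITERAL("/home/joey"))` and giving it the same `EXPECT_FALSE` with `PLATFORM_FILE_OPEN | PLATFORM_FILE_READ` as `sibling_file` would pin the component boundary. `evil_file` is asserted only against the single-path grant; repeating that `EXPECT_FALSE` after the `parent_file` and `parent_slash_file` grants (new lines 404 and 418) would show that paths containing `..` are still refused when a whole directory has been granted. The body of the test continues past the visible lines, into the skipped region after new line 428.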
OLD | NEW |