OLD | NEW |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
| 9 #include "base/platform_file.h" |
9 #include "chrome/browser/child_process_security_policy.h" | 10 #include "chrome/browser/child_process_security_policy.h" |
10 #include "chrome/common/url_constants.h" | 11 #include "chrome/common/url_constants.h" |
11 #include "net/url_request/url_request.h" | 12 #include "net/url_request/url_request.h" |
12 #include "net/url_request/url_request_test_job.h" | 13 #include "net/url_request/url_request_test_job.h" |
13 #include "testing/gtest/include/gtest/gtest.h" | 14 #include "testing/gtest/include/gtest/gtest.h" |
14 | 15 |
15 class ChildProcessSecurityPolicyTest : public testing::Test { | 16 class ChildProcessSecurityPolicyTest : public testing::Test { |
16 protected: | 17 protected: |
17 // testing::Test | 18 // testing::Test |
18 virtual void SetUp() { | 19 virtual void SetUp() { |
(...skipping 159 matching lines...)
178 | 179 |
179 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); | 180 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
180 // View source needs to be able to request the embedded scheme. | 181 // View source needs to be able to request the embedded scheme. |
181 EXPECT_TRUE(p->CanRequestURL(kRendererID, | 182 EXPECT_TRUE(p->CanRequestURL(kRendererID, |
182 GURL("view-source:file:///etc/passwd"))); | 183 GURL("view-source:file:///etc/passwd"))); |
183 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 184 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
184 | 185 |
185 p->Remove(kRendererID); | 186 p->Remove(kRendererID); |
186 } | 187 } |
187 | 188 |
188 TEST_F(ChildProcessSecurityPolicyTest, CanUploadFiles) { | 189 TEST_F(ChildProcessSecurityPolicyTest, CanReadFiles) { |
189 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); | 190 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
190 | 191 |
191 p->Add(kRendererID); | 192 p->Add(kRendererID); |
192 | 193 |
193 EXPECT_FALSE(p->CanUploadFile(kRendererID, | 194 EXPECT_FALSE(p->CanReadFile(kRendererID, |
194 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); | 195 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
195 p->GrantUploadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/passwd"))); | 196 p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/passwd"))); |
196 EXPECT_TRUE(p->CanUploadFile(kRendererID, | 197 EXPECT_TRUE(p->CanReadFile(kRendererID, |
197 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); | 198 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
198 EXPECT_FALSE(p->CanUploadFile(kRendererID, | 199 EXPECT_FALSE(p->CanReadFile(kRendererID, |
199 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); | 200 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); |
200 | 201 |
201 p->Remove(kRendererID); | 202 p->Remove(kRendererID); |
202 p->Add(kRendererID); | 203 p->Add(kRendererID); |
203 | 204 |
204 EXPECT_FALSE(p->CanUploadFile(kRendererID, | 205 EXPECT_FALSE(p->CanReadFile(kRendererID, |
205 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); | 206 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
206 EXPECT_FALSE(p->CanUploadFile(kRendererID, | 207 EXPECT_FALSE(p->CanReadFile(kRendererID, |
207 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); | 208 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); |
208 | 209 |
209 p->Remove(kRendererID); | 210 p->Remove(kRendererID); |
210 } | 211 } |
211 | 212 |
| 213 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) { |
| 214 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
| 215 |
| 216 // Grant permissions for a file. |
| 217 p->Add(kRendererID); |
| 218 FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd")); |
| 219 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 220 base::PLATFORM_FILE_OPEN)); |
| 221 |
| 222 p->GrantPermissionsForFile(kRendererID, file, |
| 223 base::PLATFORM_FILE_OPEN | |
| 224 base::PLATFORM_FILE_READ | |
| 225 base::PLATFORM_FILE_WRITE | |
| 226 base::PLATFORM_FILE_TRUNCATE); |
| 227 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
| 228 base::PLATFORM_FILE_OPEN | |
| 229 base::PLATFORM_FILE_READ | |
| 230 base::PLATFORM_FILE_WRITE | |
| 231 base::PLATFORM_FILE_TRUNCATE)); |
| 232 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
| 233 base::PLATFORM_FILE_OPEN | |
| 234 base::PLATFORM_FILE_READ)); |
| 235 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 236 base::PLATFORM_FILE_CREATE)); |
| 237 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 238 base::PLATFORM_FILE_CREATE | |
| 239 base::PLATFORM_FILE_READ | |
| 240 base::PLATFORM_FILE_WRITE | |
| 241 base::PLATFORM_FILE_TRUNCATE)); |
| 242 p->Remove(kRendererID); |
| 243 |
| 244 // Grant permissions for the directory the file is in. |
| 245 p->Add(kRendererID); |
| 246 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 247 base::PLATFORM_FILE_OPEN)); |
| 248 p->GrantPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc")), |
| 249 base::PLATFORM_FILE_OPEN | |
| 250 base::PLATFORM_FILE_READ); |
| 251 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
| 252 base::PLATFORM_FILE_OPEN)); |
| 253 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 254 base::PLATFORM_FILE_READ | |
| 255 base::PLATFORM_FILE_WRITE)); |
| 256 p->Remove(kRendererID); |
| 257 |
| 258 // Grant permissions for the directory the file is in (with trailing '/'). |
| 259 p->Add(kRendererID); |
| 260 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 261 base::PLATFORM_FILE_OPEN)); |
| 262 p->GrantPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")), |
| 263 base::PLATFORM_FILE_OPEN | |
| 264 base::PLATFORM_FILE_READ); |
| 265 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
| 266 base::PLATFORM_FILE_OPEN)); |
| 267 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 268 base::PLATFORM_FILE_READ | |
| 269 base::PLATFORM_FILE_WRITE)); |
| 270 |
| 271 // Grant permissions for the file (should overwrite the permissions granted |
| 272 // for the directory). |
| 273 p->GrantPermissionsForFile(kRendererID, file, base::PLATFORM_FILE_TEMPORARY); |
| 274 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
| 275 base::PLATFORM_FILE_OPEN)); |
| 276 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file, |
| 277 base::PLATFORM_FILE_TEMPORARY)); |
| 278 p->Remove(kRendererID); |
| 279 } |
| 280 |
212 TEST_F(ChildProcessSecurityPolicyTest, CanServiceInspectElement) { | 281 TEST_F(ChildProcessSecurityPolicyTest, CanServiceInspectElement) { |
213 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); | 282 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
214 | 283 |
215 GURL url("chrome://devtools/devtools.html"); | 284 GURL url("chrome://devtools/devtools.html"); |
216 | 285 |
217 p->Add(kRendererID); | 286 p->Add(kRendererID); |
218 | 287 |
219 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 288 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
220 p->GrantInspectElement(kRendererID); | 289 p->GrantInspectElement(kRendererID); |
221 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 290 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
(...skipping 19 matching lines...)
241 | 310 |
242 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { | 311 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { |
243 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); | 312 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
244 | 313 |
245 GURL url("file:///etc/passwd"); | 314 GURL url("file:///etc/passwd"); |
246 FilePath file(FILE_PATH_LITERAL("/etc/passwd")); | 315 FilePath file(FILE_PATH_LITERAL("/etc/passwd")); |
247 | 316 |
248 p->Add(kRendererID); | 317 p->Add(kRendererID); |
249 | 318 |
250 p->GrantRequestURL(kRendererID, url); | 319 p->GrantRequestURL(kRendererID, url); |
251 p->GrantUploadFile(kRendererID, file); | 320 p->GrantReadFile(kRendererID, file); |
252 p->GrantDOMUIBindings(kRendererID); | 321 p->GrantDOMUIBindings(kRendererID); |
253 | 322 |
254 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 323 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
255 EXPECT_TRUE(p->CanUploadFile(kRendererID, file)); | 324 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); |
256 EXPECT_TRUE(p->HasDOMUIBindings(kRendererID)); | 325 EXPECT_TRUE(p->HasDOMUIBindings(kRendererID)); |
257 | 326 |
258 p->Remove(kRendererID); | 327 p->Remove(kRendererID); |
259 | 328 |
260 // Renderers are added and removed on the UI thread, but the policy can be | 329 // Renderers are added and removed on the UI thread, but the policy can be |
261 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 330 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
262 // prepared to answer policy questions about renderers who no longer exist. | 331 // prepared to answer policy questions about renderers who no longer exist. |
263 | 332 |
264 // In this case, we default to secure behavior. | 333 // In this case, we default to secure behavior. |
265 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 334 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
266 EXPECT_FALSE(p->CanUploadFile(kRendererID, file)); | 335 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
267 EXPECT_FALSE(p->HasDOMUIBindings(kRendererID)); | 336 EXPECT_FALSE(p->HasDOMUIBindings(kRendererID)); |
268 } | 337 } |
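Review bot: The directory-grant cases in the new FilePermissions test assert only that a grant on `/etc` or `/etc/` covers `/etc/passwd`, so nothing pins down which paths must not inherit from a directory grant. After the `/etc` grant I would add negative expectations for a path that only shares the string prefix and for one that leaves the directory through a parent reference, for example (constructed paths) `EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etcetera/passwd")), base::PLATFORM_FILE_OPEN));` and the same check with `"/etc/../tmp/x"`. How the policy walks parent directories is not visible on this page, so both may already hold, but the tests would lock the behaviour in. RemoveRace could also assert `EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, base::PLATFORM_FILE_OPEN));` after `p->Remove(kRendererID)`, so the new query is covered by the same default-deny expectation as `CanReadFile`.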
OLD | NEW |