| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2009 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 // Some portions Copyright (c) 2009 The Chromium Authors. |
| 5 // |
| 6 // Tests for MiniJail |
| 7 #include "env.h" |
| 8 #include "minijail.h" |
| 9 #include <gtest/gtest.h> |
| 10 |
| 11 namespace chromeos { |
| 12 |
| 13 // TODO: pull in gmock to make this non-crazy for testing. |
| 14 class TrueEnv : public minijail::Env { |
| 15 public: |
| 16 TrueEnv() { } |
| 17 ~TrueEnv() { } |
| 18 bool DisableTracing() const { return true; } |
| 19 bool KeepRootCapabilities() const { return true; } |
| 20 bool DisableDefaultRootPrivileges() const { return true; } |
| 21 bool ChangeUser(uid_t uid, gid_t gid) const { return true; } |
| 22 bool SanitizeBoundingSet(uint64 capmask) const { return true; } |
| 23 bool EnterNamespace(int namespaces) const { return true; } |
| 24 bool FilterSyscallsBySource() const { return true; } |
| 25 bool Mount() const { return true; } |
| 26 bool SanitizeCapabilities(uint64 eff_capmask) const { return true; } |
| 27 bool Run(const char *path, |
| 28 char * const *argv, |
| 29 char * const *envp) const { return true; } |
| 30 }; |
| 31 |
| 32 class MiniJailTest : public ::testing::Test { }; |
| 33 |
| 34 TEST(MiniJailTest, TrueJail) { |
| 35 TrueEnv *env = new TrueEnv; |
| 36 MiniJailOptions options; |
| 37 options.set_env(env); |
| 38 MiniJail jail; |
| 39 // This does basically nothing since the options default to false. |
| 40 // Only ChangeUser is actually called. |
| 41 EXPECT_TRUE(jail.Jail()); |
| 42 EXPECT_TRUE(jail.Run()); |
| 43 } |
| 44 |
| 45 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 466049:
Baseline minijail with a commandline switch driven main. (Closed)
