OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
9 #include "base/platform_file.h" | 9 #include "base/platform_file.h" |
10 #include "chrome/common/url_constants.h" | 10 #include "chrome/common/url_constants.h" |
(...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
208 p->Add(kRendererID); | 208 p->Add(kRendererID); |
209 | 209 |
210 EXPECT_FALSE(p->CanReadFile(kRendererID, | 210 EXPECT_FALSE(p->CanReadFile(kRendererID, |
211 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); | 211 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
212 EXPECT_FALSE(p->CanReadFile(kRendererID, | 212 EXPECT_FALSE(p->CanReadFile(kRendererID, |
213 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); | 213 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); |
214 | 214 |
215 p->Remove(kRendererID); | 215 p->Remove(kRendererID); |
216 } | 216 } |
217 | 217 |
| 218 TEST_F(ChildProcessSecurityPolicyTest, CanReadDirectories) { |
| 219 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
| 220 |
| 221 p->Add(kRendererID); |
| 222 |
| 223 EXPECT_FALSE(p->CanReadDirectory(kRendererID, |
| 224 FilePath(FILE_PATH_LITERAL("/etc/")))); |
| 225 p->GrantReadDirectory(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/"))); |
| 226 EXPECT_TRUE(p->CanReadDirectory(kRendererID, |
| 227 FilePath(FILE_PATH_LITERAL("/etc/")))); |
| 228 EXPECT_TRUE(p->CanReadFile(kRendererID, |
| 229 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
| 230 |
| 231 p->Remove(kRendererID); |
| 232 p->Add(kRendererID); |
| 233 |
| 234 EXPECT_FALSE(p->CanReadDirectory(kRendererID, |
| 235 FilePath(FILE_PATH_LITERAL("/etc/")))); |
| 236 EXPECT_FALSE(p->CanReadFile(kRendererID, |
| 237 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
| 238 |
| 239 // Just granting read permission as a file doesn't imply reading as a |
| 240 // directory. |
| 241 p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/"))); |
| 242 EXPECT_TRUE(p->CanReadFile(kRendererID, |
| 243 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); |
| 244 EXPECT_FALSE(p->CanReadDirectory(kRendererID, |
| 245 FilePath(FILE_PATH_LITERAL("/etc/")))); |
| 246 |
| 247 p->Remove(kRendererID); |
| 248 } |
| 249 |
218 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) { | 250 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) { |
219 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); | 251 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
220 | 252 |
221 // Grant permissions for a file. | 253 // Grant permissions for a file. |
222 p->Add(kRendererID); | 254 p->Add(kRendererID); |
223 FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd")); | 255 FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd")); |
224 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, | 256 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, |
225 base::PLATFORM_FILE_OPEN)); | 257 base::PLATFORM_FILE_OPEN)); |
226 | 258 |
227 p->GrantPermissionsForFile(kRendererID, file, | 259 p->GrantPermissionsForFile(kRendererID, file, |
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
328 | 360 |
329 // Renderers are added and removed on the UI thread, but the policy can be | 361 // Renderers are added and removed on the UI thread, but the policy can be |
330 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 362 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
331 // prepared to answer policy questions about renderers who no longer exist. | 363 // prepared to answer policy questions about renderers who no longer exist. |
332 | 364 |
333 // In this case, we default to secure behavior. | 365 // In this case, we default to secure behavior. |
334 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 366 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
335 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); | 367 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
336 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 368 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
337 } | 369 } |
OLD | NEW |