Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(286)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_unittest.cc

Issue 6623015: Add a path for a web page to request the enumeration of a directory. This, t... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/browser/child_process_security_policy.cc ('k') | content/browser/renderer_host/render_view_host.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <string> 5 #include <string>
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/file_path.h" 8 #include "base/file_path.h"
9 #include "base/platform_file.h" 9 #include "base/platform_file.h"
10 #include "chrome/common/url_constants.h" 10 #include "chrome/common/url_constants.h"
(...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after
208 p->Add(kRendererID); 208 p->Add(kRendererID);
209 209
210 EXPECT_FALSE(p->CanReadFile(kRendererID, 210 EXPECT_FALSE(p->CanReadFile(kRendererID,
211 FilePath(FILE_PATH_LITERAL("/etc/passwd")))); 211 FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
212 EXPECT_FALSE(p->CanReadFile(kRendererID, 212 EXPECT_FALSE(p->CanReadFile(kRendererID,
213 FilePath(FILE_PATH_LITERAL("/etc/shadow")))); 213 FilePath(FILE_PATH_LITERAL("/etc/shadow"))));
214 214
215 p->Remove(kRendererID); 215 p->Remove(kRendererID);
216 } 216 }
217 217
218 TEST_F(ChildProcessSecurityPolicyTest, CanReadDirectories) {
219 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
220
221 p->Add(kRendererID);
222
223 EXPECT_FALSE(p->CanReadDirectory(kRendererID,
224 FilePath(FILE_PATH_LITERAL("/etc/"))));
225 p->GrantReadDirectory(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")));
226 EXPECT_TRUE(p->CanReadDirectory(kRendererID,
227 FilePath(FILE_PATH_LITERAL("/etc/"))));
228 EXPECT_TRUE(p->CanReadFile(kRendererID,
229 FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
230
231 p->Remove(kRendererID);
232 p->Add(kRendererID);
233
234 EXPECT_FALSE(p->CanReadDirectory(kRendererID,
235 FilePath(FILE_PATH_LITERAL("/etc/"))));
236 EXPECT_FALSE(p->CanReadFile(kRendererID,
237 FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
238
239 // Just granting read permission as a file doesn't imply reading as a
240 // directory.
241 p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")));
242 EXPECT_TRUE(p->CanReadFile(kRendererID,
243 FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
244 EXPECT_FALSE(p->CanReadDirectory(kRendererID,
245 FilePath(FILE_PATH_LITERAL("/etc/"))));
246
247 p->Remove(kRendererID);
248 }
249
218 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) { 250 TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) {
219 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); 251 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
220 252
221 // Grant permissions for a file. 253 // Grant permissions for a file.
222 p->Add(kRendererID); 254 p->Add(kRendererID);
223 FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd")); 255 FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd"));
224 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file, 256 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
225 base::PLATFORM_FILE_OPEN)); 257 base::PLATFORM_FILE_OPEN));
226 258
227 p->GrantPermissionsForFile(kRendererID, file, 259 p->GrantPermissionsForFile(kRendererID, file,
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after
328 360
329 // Renderers are added and removed on the UI thread, but the policy can be 361 // Renderers are added and removed on the UI thread, but the policy can be
330 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be 362 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be
331 // prepared to answer policy questions about renderers who no longer exist. 363 // prepared to answer policy questions about renderers who no longer exist.
332 364
333 // In this case, we default to secure behavior. 365 // In this case, we default to secure behavior.
334 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 366 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
335 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); 367 EXPECT_FALSE(p->CanReadFile(kRendererID, file));
336 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); 368 EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
337 } 369 }
OLDNEW
« no previous file with comments | « content/browser/child_process_security_policy.cc ('k') | content/browser/renderer_host/render_view_host.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698