Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(12)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: base/file_util_posix.cc

Issue 7718021: Add external extensions json source in proper mac location. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address rev comments. Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « base/file_util.h ('k') | base/file_util_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/file_util.h" 5 #include "base/file_util.h"
6 6
7 #include <dirent.h> 7 #include <dirent.h>
8 #include <errno.h> 8 #include <errno.h>
9 #include <fcntl.h> 9 #include <fcntl.h>
10 #include <fnmatch.h> 10 #include <fnmatch.h>
(...skipping 922 matching lines...) Expand 10 before | Expand all | Expand 10 after
933 933
934 if (HANDLE_EINTR(close(infile)) < 0) 934 if (HANDLE_EINTR(close(infile)) < 0)
935 result = false; 935 result = false;
936 if (HANDLE_EINTR(close(outfile)) < 0) 936 if (HANDLE_EINTR(close(outfile)) < 0)
937 result = false; 937 result = false;
938 938
939 return result; 939 return result;
940 } 940 }
941 #endif // defined(OS_MACOSX) 941 #endif // defined(OS_MACOSX)
942 942
943 bool IsPathControlledByUser(const FilePath& base,
944 const FilePath& path,
945 uid_t owner_uid) {
946 if (path == base)
Mark Mentovai 2011/08/25 14:15:49 This scheme seems to provide absolutely no way to
Sam Kerner (Chrome) 2011/08/26 19:59:15 Changed the test to include the base path, sop tha
947 return true;
948
949 if (!IsPathControlledByUser(base, path.DirName(), owner_uid))
950 return false;
951
952 stat_wrapper_t stat_info;
953 if (CallStat(path.value().c_str(), &stat_info) != 0) {
954 PLOG(ERROR) << "Failed to get information on path " << path.value();
955 return false;
956 }
957
958 if (stat_info.st_uid != owner_uid) {
TVL 2011/08/25 14:07:28 what happens if any segment is a link? does that
Sam Kerner (Chrome) 2011/08/26 19:59:15 Good point. Links are now forbidden.
959 LOG(ERROR) << "Path " << path.value()
960 << " is owned by the wrong user.";
961 return false;
962 }
963
964 if (stat_info.st_mode & S_IWOTH) {
965 LOG(ERROR) << "Path "<< path.value() << " is writable by any user.";
966 return false;
967 }
968
969 return true;
TVL 2011/08/25 14:07:28 the group permissions could still be a issue, but
Sam Kerner (Chrome) 2011/08/26 19:59:15 Hardcoded check for the group named "admin".
970 }
971
972 bool IsPathControlledByAdmin(const FilePath& path) {
973 const unsigned kRootUid = 0;
974 const FilePath kFileSystemRoot("/");
975 return IsPathControlledByUser(kFileSystemRoot, path, kRootUid);
976 }
977
943 } // namespace file_util 978 } // namespace file_util
OLDNEW
« no previous file with comments | « base/file_util.h ('k') | base/file_util_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698