Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(773)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: base/file_util_posix.cc

Issue 7718021: Add external extensions json source in proper mac location. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rev Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« base/file_util.h ('K') | « base/file_util.h ('k') | base/file_util_unittest.cc » ('j') | base/file_util_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: base/file_util_posix.cc
diff --git a/base/file_util_posix.cc b/base/file_util_posix.cc
index 9904584abd3c0fa9059c7ce1f276caaa9642b065..1678ce466626f0ec3e833a94b97b78100bb441e6 100644
--- a/base/file_util_posix.cc
+++ b/base/file_util_posix.cc
@@ -940,4 +940,45 @@ bool CopyFile(const FilePath& from_path, const FilePath& to_path) {
}
#endif // defined(OS_MACOSX)
+// Test that a path is owned by a specific user, and not writable
+// by all users. This is useful for checking that a config file
+// is administrator-controlled. All components of |path| after |base|
+// are checked. Note that |base| is not checked, and |base| must be a
+// parent of |path|.
Evan Martin 2011/08/24 22:38:53 These comments belong in the header.
Sam Kerner (Chrome) 2011/08/25 14:04:37 Done.
+bool IsPathControlledByUser(const FilePath& base,
+ const FilePath& path,
+ uid_t owner_uid) {
+ if (path == base)
TVL 2011/08/25 14:07:28 do you need to sanity check that base is the prefi
Sam Kerner (Chrome) 2011/08/26 19:59:15 Sanity checks added. Unit test IsPathControlledBy
+ return true;
+
+
Evan Martin 2011/08/24 22:38:53 Is the double-newline here intentional?
Sam Kerner (Chrome) 2011/08/25 14:04:37 No. Removed.
+ if (!IsPathControlledByUser(base, path.DirName(), owner_uid))
TVL 2011/08/25 14:07:28 could this be done with a loop to avoid the recurs
Sam Kerner (Chrome) 2011/08/26 19:59:15 Done.
+ return false;
+
+ stat_wrapper_t stat_info;
+ if (CallStat(path.value().c_str(), &stat_info) != 0) {
+ LOG(ERROR) << "Failed to get information on path " << path.value();
Evan Martin 2011/08/24 22:38:53 Use PLOG() for functions like this that use errno
Sam Kerner (Chrome) 2011/08/25 14:04:37 Done.
+ return false;
+ }
+
+ if (stat_info.st_uid != owner_uid) {
+ LOG(ERROR) << "Path " << path.value()
+ << " is owned by the wrong user.";
+ return false;
+ }
+
+ if (stat_info.st_mode & S_IWOTH) {
+ LOG(ERROR) << "Path "<< path.value() << " is writable by any user.";
+ return false;
+ }
+
+ return true;
+}
+
+bool IsPathControlledByAdmin(const FilePath& path) {
+ const unsigned kRootUid = 0;
+ const FilePath kFileSystemRoot(FILE_PATH_LITERAL("/"));
Evan Martin 2011/08/24 22:38:53 Since this is in POSIX code, you can use "/" witho
Sam Kerner (Chrome) 2011/08/25 14:04:37 Done.
+ return IsPathControlledByUser(kFileSystemRoot, path, kRootUid);
+}
+
} // namespace file_util
« base/file_util.h ('K') | « base/file_util.h ('k') | base/file_util_unittest.cc » ('j') | base/file_util_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698