
Side by Side Diff: content/browser/child_process_security_policy_unittest.cc

Issue 18129002: Update the child process security policy to use explicit permission grants. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Change RVH to use FileChooserParam mode Created 7 years, 5 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <set> 5 #include <set>
6 #include <string> 6 #include <string>
7 7
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "base/files/file_path.h" 9 #include "base/files/file_path.h"
10 #include "base/platform_file.h" 10 #include "base/platform_file.h"
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after
71 virtual void TearDown() { 71 virtual void TearDown() {
72 test_browser_client_.ClearSchemes(); 72 test_browser_client_.ClearSchemes();
73 SetBrowserClientForTesting(old_browser_client_); 73 SetBrowserClientForTesting(old_browser_client_);
74 } 74 }
75 75
76 protected: 76 protected:
77 void RegisterTestScheme(const std::string& scheme) { 77 void RegisterTestScheme(const std::string& scheme) {
78 test_browser_client_.AddScheme(scheme); 78 test_browser_client_.AddScheme(scheme);
79 } 79 }
80 80
81 void GrantPermissionsForFile(ChildProcessSecurityPolicyImpl* p,
82 int child_id,
83 const base::FilePath& file,
84 int permissions) {
85 p->GrantPermissionsForFile(child_id, file, permissions);
86 }
87
81 private: 88 private:
82 ChildProcessSecurityPolicyTestBrowserClient test_browser_client_; 89 ChildProcessSecurityPolicyTestBrowserClient test_browser_client_;
83 ContentBrowserClient* old_browser_client_; 90 ContentBrowserClient* old_browser_client_;
84 }; 91 };
85 92
86 TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) { 93 TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) {
87 ChildProcessSecurityPolicyImpl* p = 94 ChildProcessSecurityPolicyImpl* p =
88 ChildProcessSecurityPolicyImpl::GetInstance(); 95 ChildProcessSecurityPolicyImpl::GetInstance();
89 96
90 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpScheme)); 97 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpScheme));
(...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after
349 base::FilePath relative_file = base::FilePath(FILE_PATH_LITERAL("home/joe")); 356 base::FilePath relative_file = base::FilePath(FILE_PATH_LITERAL("home/joe"));
350 357
351 ChildProcessSecurityPolicyImpl* p = 358 ChildProcessSecurityPolicyImpl* p =
352 ChildProcessSecurityPolicyImpl::GetInstance(); 359 ChildProcessSecurityPolicyImpl::GetInstance();
353 360
354 // Grant permissions for a file. 361 // Grant permissions for a file.
355 p->Add(kRendererID); 362 p->Add(kRendererID);
356 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 363 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
357 base::PLATFORM_FILE_OPEN)); 364 base::PLATFORM_FILE_OPEN));
358 365
359 p->GrantPermissionsForFile(kRendererID, granted_file, 366 GrantPermissionsForFile(p, kRendererID, granted_file,
360 base::PLATFORM_FILE_OPEN | 367 base::PLATFORM_FILE_OPEN |
361 base::PLATFORM_FILE_OPEN_TRUNCATED | 368 base::PLATFORM_FILE_OPEN_TRUNCATED |
362 base::PLATFORM_FILE_READ | 369 base::PLATFORM_FILE_READ |
363 base::PLATFORM_FILE_WRITE); 370 base::PLATFORM_FILE_WRITE);
364 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 371 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
365 base::PLATFORM_FILE_OPEN | 372 base::PLATFORM_FILE_OPEN |
366 base::PLATFORM_FILE_OPEN_TRUNCATED | 373 base::PLATFORM_FILE_OPEN_TRUNCATED |
367 base::PLATFORM_FILE_READ | 374 base::PLATFORM_FILE_READ |
368 base::PLATFORM_FILE_WRITE)); 375 base::PLATFORM_FILE_WRITE));
369 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 376 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after
401 // CPSP doesn't allow this case for the sake of simplicity. 408 // CPSP doesn't allow this case for the sake of simplicity.
402 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, self_traversal, 409 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, self_traversal,
403 base::PLATFORM_FILE_OPEN | 410 base::PLATFORM_FILE_OPEN |
404 base::PLATFORM_FILE_READ)); 411 base::PLATFORM_FILE_READ));
405 p->Remove(kRendererID); 412 p->Remove(kRendererID);
406 413
407 // Grant permissions for the directory the file is in. 414 // Grant permissions for the directory the file is in.
408 p->Add(kRendererID); 415 p->Add(kRendererID);
409 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 416 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
410 base::PLATFORM_FILE_OPEN)); 417 base::PLATFORM_FILE_OPEN));
411 p->GrantPermissionsForFile(kRendererID, parent_file, 418 GrantPermissionsForFile(p, kRendererID, parent_file,
412 base::PLATFORM_FILE_OPEN | 419 base::PLATFORM_FILE_OPEN |
413 base::PLATFORM_FILE_READ); 420 base::PLATFORM_FILE_READ);
414 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 421 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
415 base::PLATFORM_FILE_OPEN)); 422 base::PLATFORM_FILE_OPEN));
416 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 423 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
417 base::PLATFORM_FILE_READ | 424 base::PLATFORM_FILE_READ |
418 base::PLATFORM_FILE_WRITE)); 425 base::PLATFORM_FILE_WRITE));
419 p->Remove(kRendererID); 426 p->Remove(kRendererID);
420 427
421 // Grant permissions for the directory the file is in (with trailing '/'). 428 // Grant permissions for the directory the file is in (with trailing '/').
422 p->Add(kRendererID); 429 p->Add(kRendererID);
423 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 430 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
424 base::PLATFORM_FILE_OPEN)); 431 base::PLATFORM_FILE_OPEN));
425 p->GrantPermissionsForFile(kRendererID, parent_slash_file, 432 GrantPermissionsForFile(p, kRendererID, parent_slash_file,
426 base::PLATFORM_FILE_OPEN | 433 base::PLATFORM_FILE_OPEN |
427 base::PLATFORM_FILE_READ); 434 base::PLATFORM_FILE_READ);
428 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 435 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
429 base::PLATFORM_FILE_OPEN)); 436 base::PLATFORM_FILE_OPEN));
430 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 437 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
431 base::PLATFORM_FILE_READ | 438 base::PLATFORM_FILE_READ |
432 base::PLATFORM_FILE_WRITE)); 439 base::PLATFORM_FILE_WRITE));
433 440
434 // Grant permissions for the file (should overwrite the permissions granted 441 // Grant permissions for the file (should overwrite the permissions granted
435 // for the directory). 442 // for the directory).
436 p->GrantPermissionsForFile(kRendererID, granted_file, 443 GrantPermissionsForFile(p, kRendererID, granted_file,
437 base::PLATFORM_FILE_TEMPORARY); 444 base::PLATFORM_FILE_TEMPORARY);
438 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 445 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
439 base::PLATFORM_FILE_OPEN)); 446 base::PLATFORM_FILE_OPEN));
440 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 447 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
441 base::PLATFORM_FILE_TEMPORARY)); 448 base::PLATFORM_FILE_TEMPORARY));
442 449
443 // Revoke all permissions for the file (it should inherit its permissions 450 // Revoke all permissions for the file (it should inherit its permissions
444 // from the directory again). 451 // from the directory again).
445 p->RevokeAllPermissionsForFile(kRendererID, granted_file); 452 p->RevokeAllPermissionsForFile(kRendererID, granted_file);
446 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 453 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
447 base::PLATFORM_FILE_OPEN | 454 base::PLATFORM_FILE_OPEN |
448 base::PLATFORM_FILE_READ)); 455 base::PLATFORM_FILE_READ));
449 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 456 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
450 base::PLATFORM_FILE_TEMPORARY)); 457 base::PLATFORM_FILE_TEMPORARY));
451 p->Remove(kRendererID); 458 p->Remove(kRendererID);
452 459
453 // Grant file permissions for the file to main thread renderer process, 460 // Grant file permissions for the file to main thread renderer process,
454 // make sure its worker thread renderer process inherits those. 461 // make sure its worker thread renderer process inherits those.
455 p->Add(kRendererID); 462 p->Add(kRendererID);
456 p->GrantPermissionsForFile(kRendererID, granted_file, 463 GrantPermissionsForFile(p, kRendererID, granted_file,
457 base::PLATFORM_FILE_OPEN | 464 base::PLATFORM_FILE_OPEN |
458 base::PLATFORM_FILE_READ); 465 base::PLATFORM_FILE_READ);
459 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file, 466 EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, granted_file,
460 base::PLATFORM_FILE_OPEN | 467 base::PLATFORM_FILE_OPEN |
461 base::PLATFORM_FILE_READ)); 468 base::PLATFORM_FILE_READ));
462 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file, 469 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, granted_file,
463 base::PLATFORM_FILE_WRITE)); 470 base::PLATFORM_FILE_WRITE));
464 p->AddWorker(kWorkerRendererID, kRendererID); 471 p->AddWorker(kWorkerRendererID, kRendererID);
465 EXPECT_TRUE(p->HasPermissionsForFile(kWorkerRendererID, granted_file, 472 EXPECT_TRUE(p->HasPermissionsForFile(kWorkerRendererID, granted_file,
466 base::PLATFORM_FILE_OPEN | 473 base::PLATFORM_FILE_OPEN |
467 base::PLATFORM_FILE_READ)); 474 base::PLATFORM_FILE_READ));
468 EXPECT_FALSE(p->HasPermissionsForFile(kWorkerRendererID, granted_file, 475 EXPECT_FALSE(p->HasPermissionsForFile(kWorkerRendererID, granted_file,
469 base::PLATFORM_FILE_WRITE)); 476 base::PLATFORM_FILE_WRITE));
470 p->Remove(kRendererID); 477 p->Remove(kRendererID);
471 EXPECT_FALSE(p->HasPermissionsForFile(kWorkerRendererID, granted_file, 478 EXPECT_FALSE(p->HasPermissionsForFile(kWorkerRendererID, granted_file,
472 base::PLATFORM_FILE_OPEN | 479 base::PLATFORM_FILE_OPEN |
473 base::PLATFORM_FILE_READ)); 480 base::PLATFORM_FILE_READ));
474 p->Remove(kWorkerRendererID); 481 p->Remove(kWorkerRendererID);
475 482
476 p->Add(kRendererID); 483 p->Add(kRendererID);
477 p->GrantPermissionsForFile(kRendererID, relative_file, 484 GrantPermissionsForFile(p, kRendererID, relative_file,
478 base::PLATFORM_FILE_OPEN); 485 base::PLATFORM_FILE_OPEN);
479 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, relative_file, 486 EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, relative_file,
480 base::PLATFORM_FILE_OPEN)); 487 base::PLATFORM_FILE_OPEN));
481 p->Remove(kRendererID); 488 p->Remove(kRendererID);
482 } 489 }
483 490
484 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { 491 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) {
485 ChildProcessSecurityPolicyImpl* p = 492 ChildProcessSecurityPolicyImpl* p =
486 ChildProcessSecurityPolicyImpl::GetInstance(); 493 ChildProcessSecurityPolicyImpl::GetInstance();
487 494
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
521 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be 528 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be
522 // prepared to answer policy questions about renderers who no longer exist. 529 // prepared to answer policy questions about renderers who no longer exist.
523 530
524 // In this case, we default to secure behavior. 531 // In this case, we default to secure behavior.
525 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 532 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
526 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); 533 EXPECT_FALSE(p->CanReadFile(kRendererID, file));
527 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); 534 EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
528 } 535 }
529 536
530 } // namespace content 537 } // namespace content
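Review bot: The fixture helper added at new lines 81-86 carries no comment explaining why the tests now route through it instead of calling `p->GrantPermissionsForFile(...)` directly; presumably the raw-bitmask method is no longer public and the fixture reaches it as a friend, but that is not visible in this file section. I would add `// Test-only passthrough to the raw-bitmask grant; production callers should use the explicit grant methods.` above it so the pattern is not copied outside tests. Every rewritten call site here still grants through the raw bitmask, so this section does not show coverage of whichever explicit grant entry points the change introduces; if the skipped lines do not cover them, a test asserting that each one yields only the intended PLATFORM_FILE_* bits would be worth adding. The relative-path case at new lines 483-488 is the one block without a comment, and `// Grants for relative paths must be ignored.` would record that the EXPECT_FALSE after the grant is deliberate.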