Update the child process security policy to use explicit permission grants.

chrome/browser/chromeos/extensions/file_manager/file_browser_private_api.cc

Index: chrome/browser/chromeos/extensions/file_manager/file_browser_private_api.cc
diff --git a/chrome/browser/chromeos/extensions/file_manager/file_browser_private_api.cc b/chrome/browser/chromeos/extensions/file_manager/file_browser_private_api.cc
index b3f9e14beb39891e4455358fb6b028ab0c657b9a..28db3b8fc62d1d4b07dfcd8cd954d96426c8d311 100644
--- a/chrome/browser/chromeos/extensions/file_manager/file_browser_private_api.cc
+++ b/chrome/browser/chromeos/extensions/file_manager/file_browser_private_api.cc
@@ -201,14 +201,6 @@ base::DictionaryValue* CreateValueFromMountPoint(Profile* profile,
   return mount_info;
 }
 
-// Gives the extension renderer |host| file |permissions| for the given |path|.
-void GrantFilePermissionsToHost(content::RenderViewHost* host,
-                                const base::FilePath& path,
-                                int permissions) {
-  ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile(
-      host->GetProcess()->GetID(), path, permissions);
-}
-
 void SetDriveMountPointPermissions(
     Profile* profile,
     const std::string& extension_id,
@@ -228,9 +220,8 @@ void SetDriveMountPointPermissions(
   const base::FilePath mount_point = drive::util::GetDriveMountPointPath();
   // Grant R/W permissions to drive 'folder'. File API layer still
   // expects this to be satisfied.
-  GrantFilePermissionsToHost(render_view_host,
-                             mount_point,
-                             file_handler_util::GetReadWritePermissions());
+  ChildProcessSecurityPolicy::GetInstance()->GrantReadWriteFile(
+      render_view_host->GetProcess()->GetID(), mount_point);
 
   base::FilePath mount_point_virtual;
   if (provider->GetVirtualPath(mount_point, &mount_point_virtual))
@@ -553,9 +544,8 @@ bool RequestFileSystemFunction::SetupFileSystemAccessPermissions(
   // extension for all paths exposed by our local file system provider.
   std::vector<base::FilePath> root_dirs = provider->GetRootDirectories();
   for (size_t i = 0; i < root_dirs.size(); ++i) {
-    ChildProcessSecurityPolicy::GetInstance()->GrantPermissionsForFile(
-        child_id, root_dirs[i],
-        file_handler_util::GetReadWritePermissions());
+    ChildProcessSecurityPolicy::GetInstance()->GrantReadWriteFile(
+        child_id, root_dirs[i]);
   }
   return true;
 }