content/browser/renderer_host/render_view_host_impl.cc - Issue 18129002: Update the child process security policy to use explicit permission grants.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/renderer_host/render_view_host_impl.cc

Issue 18129002: Update the child process security policy to use explicit permission grants. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase to head Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « content/browser/renderer_host/render_view_host_impl.h ('k') | content/browser/renderer_host/render_view_host_unittest.cc » ('j') | content/public/browser/child_process_security_policy.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/renderer_host/render_view_host_impl.cc

diff --git a/content/browser/renderer_host/render_view_host_impl.cc b/content/browser/renderer_host/render_view_host_impl.cc

index c2b058414bca4b3b6057ddfb37cef3ec8558145d..3262ce1ee0bb1cadbdb87541b4273e9bbf53e7f0 100644

--- a/content/browser/renderer_host/render_view_host_impl.cc

+++ b/content/browser/renderer_host/render_view_host_impl.cc

@@ -834,12 +834,18 @@ void RenderViewHostImpl::SetInitialFocus(bool reverse) {

void RenderViewHostImpl::FilesSelectedInChooser(

const std::vector<ui::SelectedFileInfo>& files,

- int permissions) {

+ RenderViewHost::FileSelectionPermissions permissions) {

// Grant the security access requested to the given files.

for (size_t i = 0; i < files.size(); ++i) {

const ui::SelectedFileInfo& file = files[i];

- ChildProcessSecurityPolicyImpl::GetInstance()->GrantPermissionsForFile(

- GetProcess()->GetID(), file.local_path, permissions);

+ if (permissions == RenderViewHost::FILE_PERMISSION_READ_ONLY) {

+ ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(

+ GetProcess()->GetID(), file.local_path);

+ }

+ if (permissions == RenderViewHost::FILE_PERMISSION_WRITE) {

Tom Sepez 2013/07/09 18:52:50 nit: else if

Greg Billock 2013/07/09 21:09:50 Done.

+ ChildProcessSecurityPolicyImpl::GetInstance()->GrantCreateWriteFile(

+ GetProcess()->GetID(), file.local_path);

+ }

}

Send(new ViewMsg_RunFileChooserResponse(GetRoutingID(), files));

}