content/browser/renderer_host/pepper/pepper_security_helper.cc - Issue 19723010: Pepper Message Filters: Port to use explicit permission grants in ChildProcessSecurityPolicy.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: content/browser/renderer_host/pepper/pepper_security_helper.cc

Issue 19723010: Pepper Message Filters: Port to use explicit permission grants in ChildProcessSecurityPolicy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@0044-write-support-remove-child-process-security-policy-bitmask-usage

Patch Set: Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "content/browser/renderer_host/pepper/pepper_security_helper.h"

	6

	7 #include "base/logging.h"

	8 #include "content/browser/child_process_security_policy_impl.h"

	9 #include "ppapi/c/ppb_file_io.h"

	10

	11 namespace content {

	12

	13 bool CanOpenWithPepperFlags(int pp_open_flags, int child_id,

	14 const base::FilePath& file) {

	15 ChildProcessSecurityPolicyImpl* policy =

	16 ChildProcessSecurityPolicyImpl::GetInstance();

	17

	18 bool pp_read = !!(pp_open_flags & PP_FILEOPENFLAG_READ);

	19 bool pp_write = !!(pp_open_flags & PP_FILEOPENFLAG_WRITE);

	20 bool pp_create = !!(pp_open_flags & PP_FILEOPENFLAG_CREATE);

	21 bool pp_truncate = !!(pp_open_flags & PP_FILEOPENFLAG_TRUNCATE);

	22 bool pp_exclusive = !!(pp_open_flags & PP_FILEOPENFLAG_EXCLUSIVE);

	23 bool pp_append = !!(pp_open_flags & PP_FILEOPENFLAG_APPEND);

	24

	25 if (pp_read && !policy->CanReadFile(child_id, file))

	26 return false;

	27

	28 if (pp_write && !policy->CanWriteFile(child_id, file))

	29 return false;

	30

	31 if (pp_append) {

	32 // Given ChildSecurityPolicyImpl's current definition of permissions,

	33 // APPEND is never supported.

	34 return false;

	35 }

	36

	37 if (pp_truncate && !pp_write)

	38 return false;

	39

	40 if (pp_create) {

	41 if (pp_exclusive) {

	42 return policy->CanCreateFile(child_id, file);

	43 } else {

	44 // Asks for too much, but this is the only grant that allows overwrite.

	45 return policy->CanCreateWriteFile(child_id, file);

	46 }

	47 } else if (pp_truncate) {

	48 return policy->CanCreateWriteFile(child_id, file);

	49 }

	50

	51 return true;

	52 }

	53

	54 } // namespace content

OLD	NEW