content/browser/renderer_host/pepper/pepper_security_helper.cc - Issue 19723010: Pepper Message Filters: Port to use explicit permission grants in ChildProcessSecurityPolicy.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: content/browser/renderer_host/pepper/pepper_security_helper.cc

Issue 19723010: Pepper Message Filters: Port to use explicit permission grants in ChildProcessSecurityPolicy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@0044-write-support-remove-child-process-security-policy-bitmask-usage

Patch Set: Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "content/browser/renderer_host/pepper/pepper_security_helper.h"

	6

	7 #include "base/logging.h"

	8 #include "ppapi/c/ppb_file_io.h"

	9

	10 namespace content {

	11

	12 bool CanOpenWithPepperFlags(int pp_open_flags, int child_id,

	13 const base::FilePath& file) {

	14 ChildProcessSecurityPolicyImpl* policy =

	15 ChildProcessSecurityPolicyImpl::GetInstance();

	16

	17 bool pp_read = !!(pp_open_flags & PP_FILEOPENFLAG_READ);

	18 bool pp_write = !!(pp_open_flags & PP_FILEOPENFLAG_WRITE);

	19 bool pp_create = !!(pp_open_flags & PP_FILEOPENFLAG_CREATE);

	20 bool pp_truncate = !!(pp_open_flags & PP_FILEOPENFLAG_TRUNCATE);

	21 bool pp_exclusive = !!(pp_open_flags & PP_FILEOPENFLAG_EXCLUSIVE);

	22 bool pp_append = !!(pp_open_flags & PP_FILEOPENFLAG_APPEND);

	23

	24 if (pp_read && !policy->CanReadFile(child_id, file))

	25 return false;

	26

	27 if (pp_write && !policy->CanWriteFile(child_id, file))

	28 return false;

	29

	30 if (pp_append) {

	31 // Given ChildSecurityPolicyImpl's current definition of permissions,

	32 // APPEND is never supported.

	33 return false;
	dmichael (off chromium) 2013/07/24 17:02:25 I don't think we can do this change until APPEND i I don't think we can do this change until APPEND is supported... we added support for append recently to our FileIO API: https://code.google.com/p/chromium/issues/detail?id=242383 Have you run browser_tests?
	34 }

	35

	36 if (pp_truncate && !pp_write)

	37 return false;

	38

	39 if (pp_create) {

	40 if (pp_exclusive) {

	41 return policy->CanCreateFile(child_id, file);

	42 } else {

	43 // Asks for too much, but this is the only grant that allows overwrite.

	44 return policy->CanCreateWriteFile(child_id, file);

	45 }

	46 } else if (pp_truncate) {

	47 return policy->CanCreateWriteFile(child_id, file);

	48 }

	49

	50 return true;

	51 }

	52

	53 } // namespace content

OLD	NEW