Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(64)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_mac_system_access_unittest.mm

Issue 197873014: Revert of Implement ScopedFD in terms of ScopedGeneric. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/common/sandbox_mac.mm ('k') | ipc/ipc_channel_factory.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #import <Cocoa/Cocoa.h> 5 #import <Cocoa/Cocoa.h>
6 6
7 #include "base/file_util.h" 7 #include "base/file_util.h"
8 #include "base/files/scoped_file.h"
9 #include "base/logging.h" 8 #include "base/logging.h"
10 #include "base/strings/sys_string_conversions.h" 9 #include "base/strings/sys_string_conversions.h"
11 #include "content/common/sandbox_mac.h" 10 #include "content/common/sandbox_mac.h"
12 #include "content/common/sandbox_mac_unittest_helper.h" 11 #include "content/common/sandbox_mac_unittest_helper.h"
13 #include "crypto/nss_util.h" 12 #include "crypto/nss_util.h"
14 #include "testing/gtest/include/gtest/gtest.h" 13 #include "testing/gtest/include/gtest/gtest.h"
15 14
16 namespace content { 15 namespace content {
17 16
18 //--------------------- Clipboard Sandboxing ---------------------- 17 //--------------------- Clipboard Sandboxing ----------------------
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
80 //--------------------- File Access Sandboxing ---------------------- 79 //--------------------- File Access Sandboxing ----------------------
81 // Test case for checking sandboxing of filesystem apis. 80 // Test case for checking sandboxing of filesystem apis.
82 class MacSandboxedFileAccessTestCase : public MacSandboxTestCase { 81 class MacSandboxedFileAccessTestCase : public MacSandboxTestCase {
83 public: 82 public:
84 virtual bool SandboxedTest() OVERRIDE; 83 virtual bool SandboxedTest() OVERRIDE;
85 }; 84 };
86 85
87 REGISTER_SANDBOX_TEST_CASE(MacSandboxedFileAccessTestCase); 86 REGISTER_SANDBOX_TEST_CASE(MacSandboxedFileAccessTestCase);
88 87
89 bool MacSandboxedFileAccessTestCase::SandboxedTest() { 88 bool MacSandboxedFileAccessTestCase::SandboxedTest() {
90 base::ScopedFD fdes(open("/etc/passwd", O_RDONLY)); 89 int fdes = open("/etc/passwd", O_RDONLY);
91 return !fdes.is_valid(); 90 file_util::ScopedFD file_closer(&fdes);
91 return fdes == -1;
92 } 92 }
93 93
94 TEST_F(MacSandboxTest, FileAccess) { 94 TEST_F(MacSandboxTest, FileAccess) {
95 EXPECT_TRUE(RunTestInAllSandboxTypes("MacSandboxedFileAccessTestCase", NULL)); 95 EXPECT_TRUE(RunTestInAllSandboxTypes("MacSandboxedFileAccessTestCase", NULL));
96 } 96 }
97 97
98 //--------------------- /dev/urandom Sandboxing ---------------------- 98 //--------------------- /dev/urandom Sandboxing ----------------------
99 // /dev/urandom is available to any sandboxed process. 99 // /dev/urandom is available to any sandboxed process.
100 class MacSandboxedUrandomTestCase : public MacSandboxTestCase { 100 class MacSandboxedUrandomTestCase : public MacSandboxTestCase {
101 public: 101 public:
102 virtual bool SandboxedTest() OVERRIDE; 102 virtual bool SandboxedTest() OVERRIDE;
103 }; 103 };
104 104
105 REGISTER_SANDBOX_TEST_CASE(MacSandboxedUrandomTestCase); 105 REGISTER_SANDBOX_TEST_CASE(MacSandboxedUrandomTestCase);
106 106
107 bool MacSandboxedUrandomTestCase::SandboxedTest() { 107 bool MacSandboxedUrandomTestCase::SandboxedTest() {
108 base::ScopedFD fdes(open("/dev/urandom", O_RDONLY)); 108 int fdes = open("/dev/urandom", O_RDONLY);
109 file_util::ScopedFD file_closer(&fdes);
109 110
110 // Opening /dev/urandom succeeds under the sandbox. 111 // Opening /dev/urandom succeeds under the sandbox.
111 if (!fdes.is_valid()) 112 if (fdes == -1)
112 return false; 113 return false;
113 114
114 char buf[16]; 115 char buf[16];
115 int rc = read(fdes.get(), buf, sizeof(buf)); 116 int rc = read(fdes, buf, sizeof(buf));
116 return rc == sizeof(buf); 117 return rc == sizeof(buf);
117 } 118 }
118 119
119 TEST_F(MacSandboxTest, UrandomAccess) { 120 TEST_F(MacSandboxTest, UrandomAccess) {
120 EXPECT_TRUE(RunTestInAllSandboxTypes("MacSandboxedUrandomTestCase", NULL)); 121 EXPECT_TRUE(RunTestInAllSandboxTypes("MacSandboxedUrandomTestCase", NULL));
121 } 122 }
122 123
123 //--------------------- NSS Sandboxing ---------------------- 124 //--------------------- NSS Sandboxing ----------------------
124 // Test case for checking sandboxing of NSS initialization. 125 // Test case for checking sandboxing of NSS initialization.
125 class MacSandboxedNSSTestCase : public MacSandboxTestCase { 126 class MacSandboxedNSSTestCase : public MacSandboxTestCase {
126 public: 127 public:
127 virtual bool SandboxedTest() OVERRIDE; 128 virtual bool SandboxedTest() OVERRIDE;
128 }; 129 };
129 130
130 REGISTER_SANDBOX_TEST_CASE(MacSandboxedNSSTestCase); 131 REGISTER_SANDBOX_TEST_CASE(MacSandboxedNSSTestCase);
131 132
132 bool MacSandboxedNSSTestCase::SandboxedTest() { 133 bool MacSandboxedNSSTestCase::SandboxedTest() {
133 // If NSS cannot read from /dev/urandom, NSS initialization will call abort(), 134 // If NSS cannot read from /dev/urandom, NSS initialization will call abort(),
134 // which will cause this test case to fail. 135 // which will cause this test case to fail.
135 crypto::ForceNSSNoDBInit(); 136 crypto::ForceNSSNoDBInit();
136 crypto::EnsureNSSInit(); 137 crypto::EnsureNSSInit();
137 return true; 138 return true;
138 } 139 }
139 140
140 TEST_F(MacSandboxTest, NSSAccess) { 141 TEST_F(MacSandboxTest, NSSAccess) {
141 EXPECT_TRUE(RunTestInAllSandboxTypes("MacSandboxedNSSTestCase", NULL)); 142 EXPECT_TRUE(RunTestInAllSandboxTypes("MacSandboxedNSSTestCase", NULL));
142 } 143 }
143 144
144 } // namespace content 145 } // namespace content
OLDNEW
« no previous file with comments | « content/common/sandbox_mac.mm ('k') | ipc/ipc_channel_factory.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698