| Index: sandbox/linux/services/credentials_unittest.cc
|
| diff --git a/sandbox/linux/services/credentials_unittest.cc b/sandbox/linux/services/credentials_unittest.cc
|
| index b95ba0bab273ebf4a11f165fd0dd8992b42edf72..661e096850f30c8ce6ae16e03055715754e71875 100644
|
| --- a/sandbox/linux/services/credentials_unittest.cc
|
| +++ b/sandbox/linux/services/credentials_unittest.cc
|
| @@ -145,11 +145,12 @@ SANDBOX_TEST(Credentials, CanDetectRoot) {
|
|
|
| // Disabled on ASAN because of crbug.com/451603.
|
| SANDBOX_TEST(Credentials, DISABLE_ON_ASAN(DropFileSystemAccessIsSafe)) {
|
| + CHECK(Credentials::HasFileSystemAccess());
|
| CHECK(Credentials::DropAllCapabilities());
|
| // Probably missing kernel support.
|
| if (!Credentials::MoveToNewUserNS()) return;
|
| CHECK(Credentials::DropFileSystemAccess(ProcUtil::OpenProc().get()));
|
| - CHECK(!base::DirectoryExists(base::FilePath("/proc")));
|
| + CHECK(!Credentials::HasFileSystemAccess());
|
| CHECK(WorkingDirectoryIsRoot());
|
| CHECK(base::IsDirectoryEmpty(base::FilePath("/")));
|
| // We want the chroot to never have a subdirectory. A subdirectory
|
|
|
Chromium Code Reviews
Issue 2357393003:
Add check for file system access to the sandbox. (Closed)
