OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/linux/services/credentials.h" | 5 #include "sandbox/linux/services/credentials.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <signal.h> | 8 #include <signal.h> |
9 #include <stdio.h> | 9 #include <stdio.h> |
10 #include <sys/capability.h> | 10 #include <sys/capability.h> |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
52 inline void operator()(FILE* f) const { | 52 inline void operator()(FILE* f) const { |
53 DCHECK(f); | 53 DCHECK(f); |
54 PCHECK(0 == fclose(f)); | 54 PCHECK(0 == fclose(f)); |
55 } | 55 } |
56 }; | 56 }; |
57 | 57 |
58 // Don't use ScopedFILE in base since it doesn't check fclose(). | 58 // Don't use ScopedFILE in base since it doesn't check fclose(). |
59 // TODO(jln): fix base/. | 59 // TODO(jln): fix base/. |
60 typedef scoped_ptr<FILE, FILECloser> ScopedFILE; | 60 typedef scoped_ptr<FILE, FILECloser> ScopedFILE; |
61 | 61 |
62 COMPILE_ASSERT((base::is_same<uid_t, gid_t>::value), UidAndGidAreSameType); | 62 static_assert((base::is_same<uid_t, gid_t>::value), |
| 63 "uid_t and gid_t should be the same type"); |
63 // generic_id_t can be used for either uid_t or gid_t. | 64 // generic_id_t can be used for either uid_t or gid_t. |
64 typedef uid_t generic_id_t; | 65 typedef uid_t generic_id_t; |
65 | 66 |
66 // Write a uid or gid mapping from |id| to |id| in |map_file|. | 67 // Write a uid or gid mapping from |id| to |id| in |map_file|. |
67 bool WriteToIdMapFile(const char* map_file, generic_id_t id) { | 68 bool WriteToIdMapFile(const char* map_file, generic_id_t id) { |
68 ScopedFILE f(fopen(map_file, "w")); | 69 ScopedFILE f(fopen(map_file, "w")); |
69 PCHECK(f); | 70 PCHECK(f); |
70 const uid_t inside_id = id; | 71 const uid_t inside_id = id; |
71 const uid_t outside_id = id; | 72 const uid_t outside_id = id; |
72 int num = fprintf(f.get(), "%d %d 1\n", inside_id, outside_id); | 73 int num = fprintf(f.get(), "%d %d 1\n", inside_id, outside_id); |
(...skipping 21 matching lines...) Expand all Loading... |
94 if (resuid) *resuid = euid; | 95 if (resuid) *resuid = euid; |
95 if (resgid) *resgid = egid; | 96 if (resgid) *resgid = egid; |
96 return true; | 97 return true; |
97 } | 98 } |
98 | 99 |
99 // chroot() and chdir() to /proc/<tid>/fdinfo. | 100 // chroot() and chdir() to /proc/<tid>/fdinfo. |
100 void ChrootToThreadFdInfo(base::PlatformThreadId tid, bool* result) { | 101 void ChrootToThreadFdInfo(base::PlatformThreadId tid, bool* result) { |
101 DCHECK(result); | 102 DCHECK(result); |
102 *result = false; | 103 *result = false; |
103 | 104 |
104 COMPILE_ASSERT((base::is_same<base::PlatformThreadId, int>::value), | 105 static_assert((base::is_same<base::PlatformThreadId, int>::value), |
105 TidIsAnInt); | 106 "platform thread id should be an int"); |
106 const std::string current_thread_fdinfo = "/proc/" + | 107 const std::string current_thread_fdinfo = "/proc/" + |
107 base::IntToString(tid) + "/fdinfo/"; | 108 base::IntToString(tid) + "/fdinfo/"; |
108 | 109 |
109 // Make extra sure that /proc/<tid>/fdinfo is unique to the thread. | 110 // Make extra sure that /proc/<tid>/fdinfo is unique to the thread. |
110 CHECK(0 == unshare(CLONE_FILES)); | 111 CHECK(0 == unshare(CLONE_FILES)); |
111 int chroot_ret = chroot(current_thread_fdinfo.c_str()); | 112 int chroot_ret = chroot(current_thread_fdinfo.c_str()); |
112 if (chroot_ret) { | 113 if (chroot_ret) { |
113 PLOG(ERROR) << "Could not chroot"; | 114 PLOG(ERROR) << "Could not chroot"; |
114 return; | 115 return; |
115 } | 116 } |
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
248 } | 249 } |
249 | 250 |
250 bool Credentials::DropFileSystemAccess() { | 251 bool Credentials::DropFileSystemAccess() { |
251 // Chrooting to a safe empty dir will only be safe if no directory file | 252 // Chrooting to a safe empty dir will only be safe if no directory file |
252 // descriptor is available to the process. | 253 // descriptor is available to the process. |
253 DCHECK(!ProcUtil::HasOpenDirectory(-1)); | 254 DCHECK(!ProcUtil::HasOpenDirectory(-1)); |
254 return ChrootToSafeEmptyDir(); | 255 return ChrootToSafeEmptyDir(); |
255 } | 256 } |
256 | 257 |
257 } // namespace sandbox. | 258 } // namespace sandbox. |
OLD | NEW |