sandbox/linux/services/credentials_unittest.cc - Issue 835623005: Remove the open directory fd check.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/services/credentials_unittest.cc

Issue 835623005: Remove the open directory fd check. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Respond to comments. Created 5 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/linux/services/credentials_unittest.cc

diff --git a/sandbox/linux/services/credentials_unittest.cc b/sandbox/linux/services/credentials_unittest.cc

index 5951d4ab73a1d7dc3609ec3c9cf763d8f091d0b4..5d1ebba62b80cb1875d2447ac29dc4f317f006e8 100644

--- a/sandbox/linux/services/credentials_unittest.cc

+++ b/sandbox/linux/services/credentials_unittest.cc

@@ -72,7 +72,7 @@ SANDBOX_TEST(Credentials, GetCurrentCapString) {

SANDBOX_TEST(Credentials, MoveToNewUserNS) {

Credentials creds;

- creds.DropAllCapabilities();

+ CHECK(creds.DropAllCapabilities());

bool moved_to_new_ns = creds.MoveToNewUserNS();

fprintf(stdout,

"Unprivileged CLONE_NEWUSER supported: %s\n",

@@ -85,13 +85,13 @@ SANDBOX_TEST(Credentials, MoveToNewUserNS) {

return;

}

CHECK(creds.HasAnyCapability());

- creds.DropAllCapabilities();

+ CHECK(creds.DropAllCapabilities());

CHECK(!creds.HasAnyCapability());

}

SANDBOX_TEST(Credentials, SupportsUserNS) {

Credentials creds;

- creds.DropAllCapabilities();

+ CHECK(creds.DropAllCapabilities());

bool user_ns_supported = Credentials::SupportsNewUserNS();

bool moved_to_new_ns = creds.MoveToNewUserNS();

CHECK_EQ(user_ns_supported, moved_to_new_ns);

@@ -99,7 +99,7 @@ SANDBOX_TEST(Credentials, SupportsUserNS) {

SANDBOX_TEST(Credentials, UidIsPreserved) {

Credentials creds;

- creds.DropAllCapabilities();

+ CHECK(creds.DropAllCapabilities());

uid_t old_ruid, old_euid, old_suid;

gid_t old_rgid, old_egid, old_sgid;

PCHECK(0 == getresuid(&old_ruid, &old_euid, &old_suid));

@@ -135,7 +135,7 @@ SANDBOX_TEST(Credentials, NestedUserNS) {

CHECK(creds.DropAllCapabilities());

// Probably missing kernel support.

if (!creds.MoveToNewUserNS()) return;

- creds.DropAllCapabilities();

+ CHECK(creds.DropAllCapabilities());

// As of 3.12, the kernel has a limit of 32. See create_user_ns().

const int kNestLevel = 10;

for (int i = 0; i < kNestLevel; ++i) {

« no previous file with comments | « sandbox/linux/services/credentials.cc ('k') | no next file » | no next file with comments »