| Index: sandbox/linux/services/credentials_unittest.cc
|
| diff --git a/sandbox/linux/services/credentials_unittest.cc b/sandbox/linux/services/credentials_unittest.cc
|
| index 5d1ebba62b80cb1875d2447ac29dc4f317f006e8..92f199a4bf036e1195c90e284d1cab0801c65bdc 100644
|
| --- a/sandbox/linux/services/credentials_unittest.cc
|
| +++ b/sandbox/linux/services/credentials_unittest.cc
|
| @@ -48,32 +48,20 @@ bool WorkingDirectoryIsRoot() {
|
| return true;
|
| }
|
|
|
| -// Give dynamic tools a simple thing to test.
|
| -TEST(Credentials, CreateAndDestroy) {
|
| - {
|
| - Credentials cred1;
|
| - (void) cred1;
|
| - }
|
| - scoped_ptr<Credentials> cred2(new Credentials);
|
| -}
|
| -
|
| SANDBOX_TEST(Credentials, DropAllCaps) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| - CHECK(!creds.HasAnyCapability());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| + CHECK(!Credentials::HasAnyCapability());
|
| }
|
|
|
| SANDBOX_TEST(Credentials, GetCurrentCapString) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| const char kNoCapabilityText[] = "=";
|
| - CHECK(*creds.GetCurrentCapString() == kNoCapabilityText);
|
| + CHECK(*Credentials::GetCurrentCapString() == kNoCapabilityText);
|
| }
|
|
|
| SANDBOX_TEST(Credentials, MoveToNewUserNS) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| - bool moved_to_new_ns = creds.MoveToNewUserNS();
|
| + CHECK(Credentials::DropAllCapabilities());
|
| + bool moved_to_new_ns = Credentials::MoveToNewUserNS();
|
| fprintf(stdout,
|
| "Unprivileged CLONE_NEWUSER supported: %s\n",
|
| moved_to_new_ns ? "true." : "false.");
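Review bot: DropAllCaps asserts that capabilities are gone, but now that the API is static it acts on whichever thread calls it, and Linux capabilities are per-thread, so the assertion presumably says nothing about any other thread alive in the test process. If the single-threaded assumption is intended, make it explicit above the test, e.g. `// Capabilities are per-thread on Linux; these tests assume the process is single-threaded when they run.`, and if the SANDBOX_TEST harness exposes a thread-count check, CHECK it at the start. The removed CreateAndDestroy test was the only one that needed no kernel support; DropAllCaps now plays that role for sanitizer builds, which is worth a one-line comment so it is not simplified away later. The MoveToNewUserNS test body continues past the end of this hunk.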
|
| @@ -84,28 +72,26 @@ SANDBOX_TEST(Credentials, MoveToNewUserNS) {
|
| fflush(stdout);
|
| return;
|
| }
|
| - CHECK(creds.HasAnyCapability());
|
| - CHECK(creds.DropAllCapabilities());
|
| - CHECK(!creds.HasAnyCapability());
|
| + CHECK(Credentials::HasAnyCapability());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| + CHECK(!Credentials::HasAnyCapability());
|
| }
|
|
|
| SANDBOX_TEST(Credentials, SupportsUserNS) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| bool user_ns_supported = Credentials::SupportsNewUserNS();
|
| - bool moved_to_new_ns = creds.MoveToNewUserNS();
|
| + bool moved_to_new_ns = Credentials::MoveToNewUserNS();
|
| CHECK_EQ(user_ns_supported, moved_to_new_ns);
|
| }
|
|
|
| SANDBOX_TEST(Credentials, UidIsPreserved) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| uid_t old_ruid, old_euid, old_suid;
|
| gid_t old_rgid, old_egid, old_sgid;
|
| PCHECK(0 == getresuid(&old_ruid, &old_euid, &old_suid));
|
| PCHECK(0 == getresgid(&old_rgid, &old_egid, &old_sgid));
|
| // Probably missing kernel support.
|
| - if (!creds.MoveToNewUserNS()) return;
|
| + if (!Credentials::MoveToNewUserNS()) return;
|
| uid_t new_ruid, new_euid, new_suid;
|
| PCHECK(0 == getresuid(&new_ruid, &new_euid, &new_suid));
|
| CHECK(old_ruid == new_ruid);
|
| @@ -119,27 +105,25 @@ SANDBOX_TEST(Credentials, UidIsPreserved) {
|
| CHECK(old_sgid == new_sgid);
|
| }
|
|
|
| -bool NewUserNSCycle(Credentials* creds) {
|
| - DCHECK(creds);
|
| - if (!creds->MoveToNewUserNS() ||
|
| - !creds->HasAnyCapability() ||
|
| - !creds->DropAllCapabilities() ||
|
| - creds->HasAnyCapability()) {
|
| +bool NewUserNSCycle() {
|
| + if (!Credentials::MoveToNewUserNS() ||
|
| + !Credentials::HasAnyCapability() ||
|
| + !Credentials::DropAllCapabilities() ||
|
| + Credentials::HasAnyCapability()) {
|
| return false;
|
| }
|
| return true;
|
| }
|
|
|
| SANDBOX_TEST(Credentials, NestedUserNS) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| // Probably missing kernel support.
|
| - if (!creds.MoveToNewUserNS()) return;
|
| - CHECK(creds.DropAllCapabilities());
|
| + if (!Credentials::MoveToNewUserNS()) return;
|
| + CHECK(Credentials::DropAllCapabilities());
|
| // As of 3.12, the kernel has a limit of 32. See create_user_ns().
|
| const int kNestLevel = 10;
|
| for (int i = 0; i < kNestLevel; ++i) {
|
| - CHECK(NewUserNSCycle(&creds)) << "Creating new user NS failed at iteration "
|
| + CHECK(NewUserNSCycle()) << "Creating new user NS failed at iteration "
|
| << i << ".";
|
| }
|
| }
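Review bot: NewUserNSCycle folds four distinct checks into one boolean, so when NestedUserNS fails the message `Creating new user NS failed at iteration N` cannot say whether the unshare failed, the new namespace granted no capabilities, or the drop did not take, which is exactly the information needed to tell a missing-kernel-feature failure from a Credentials bug. Since the helper is only ever called under CHECK, each step can be its own CHECK carrying the iteration index, and the caller's message becomes unnecessary. Success behaviour is unchanged.
```cpp
void NewUserNSCycle(int iteration) {
  CHECK(Credentials::MoveToNewUserNS())
      << "MoveToNewUserNS failed at iteration " << iteration;
  CHECK(Credentials::HasAnyCapability())
      << "No capabilities in new user NS at iteration " << iteration;
  CHECK(Credentials::DropAllCapabilities())
      << "DropAllCapabilities failed at iteration " << iteration;
  CHECK(!Credentials::HasAnyCapability())
      << "Capabilities survived the drop at iteration " << iteration;
}
// … unchanged: NestedUserNS setup up to the loop …
  for (int i = 0; i < kNestLevel; ++i) NewUserNSCycle(i);
```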
|
| @@ -153,11 +137,10 @@ TEST(Credentials, CanDetectRoot) {
|
| }
|
|
|
| SANDBOX_TEST(Credentials, DISABLE_ON_LSAN(DropFileSystemAccessIsSafe)) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| // Probably missing kernel support.
|
| - if (!creds.MoveToNewUserNS()) return;
|
| - CHECK(creds.DropFileSystemAccess());
|
| + if (!Credentials::MoveToNewUserNS()) return;
|
| + CHECK(Credentials::DropFileSystemAccess());
|
| CHECK(!DirectoryExists("/proc"));
|
| CHECK(WorkingDirectoryIsRoot());
|
| // We want the chroot to never have a subdirectory. A subdirectory
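Review bot: The checks after DropFileSystemAccess (no `/proc`, cwd is `/`) show the new root is empty but do not establish the property the test name claims, because a directory descriptor opened before the chroot would still let the process fchdir() out regardless of what the new root contains. If DropFileSystemAccess is only safe when no directory fds are open, that precondition should be stated here, e.g. `// Precondition: no directory fds may be open when DropFileSystemAccess() is called; a surviving one would let the process fchdir() out of the chroot.`; if it is meant to hold unconditionally, a test that opens `/` before the call and asserts confinement afterwards would cover it. Note that with `/proc` gone the process cannot enumerate its own descriptors, so any such check has to be performed before the call. The test body continues past the end of this hunk.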
|
| @@ -168,17 +151,16 @@ SANDBOX_TEST(Credentials, DISABLE_ON_LSAN(DropFileSystemAccessIsSafe)) {
|
| // Check that after dropping filesystem access and dropping privileges
|
| // it is not possible to regain capabilities.
|
| SANDBOX_TEST(Credentials, DISABLE_ON_LSAN(CannotRegainPrivileges)) {
|
| - Credentials creds;
|
| - CHECK(creds.DropAllCapabilities());
|
| + CHECK(Credentials::DropAllCapabilities());
|
| // Probably missing kernel support.
|
| - if (!creds.MoveToNewUserNS()) return;
|
| - CHECK(creds.DropFileSystemAccess());
|
| - CHECK(creds.DropAllCapabilities());
|
| + if (!Credentials::MoveToNewUserNS()) return;
|
| + CHECK(Credentials::DropFileSystemAccess());
|
| + CHECK(Credentials::DropAllCapabilities());
|
|
|
| // The kernel should now prevent us from regaining capabilities because we
|
| // are in a chroot.
|
| CHECK(!Credentials::SupportsNewUserNS());
|
| - CHECK(!creds.MoveToNewUserNS());
|
| + CHECK(!Credentials::MoveToNewUserNS());
|
| }
|
|
|
| } // namespace.
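Review bot: CannotRegainPrivileges asserts that a new user namespace cannot be entered after the chroot but never re-checks the capability set once the attempt has failed, so a MoveToNewUserNS that partially takes effect (unshare succeeding, a later step failing) would leave capabilities behind and the test would still pass. Add `CHECK(!Credentials::HasAnyCapability());` after the final `CHECK(!Credentials::MoveToNewUserNS());` so the test pins the property its name states. The comment's "should" could also name the kernel rule it relies on, which the file already cites elsewhere: `// create_user_ns() refuses a new user namespace for a chrooted process.` (presumably the check this test depends on; confirm against the kernel version in use).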
|
|
|