Revert 237242 "Linux sandbox: move CurrentProcessHasOpenDirectories"

trunk/src/sandbox/linux/services/credentials.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/services/credentials.h"
 
-#include <dirent.h>
 #include <errno.h>
-#include <fcntl.h>
 #include <stdio.h>
 #include <sys/capability.h>
-#include <sys/stat.h>
-#include <sys/types.h>
 #include <unistd.h>
 
 #include "base/basictypes.h"
 #include "base/bind.h"
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/template_util.h"
 #include "base/threading/thread.h"
 
 namespace {
@@ skipping 22 matching lines @@
   inline void operator()(FILE* f) const {
     DCHECK(f);
     PCHECK(0 == fclose(f));
   }
 };
 
 // Don't use ScopedFILE in base/file_util.h since it doesn't check fclose().
 // TODO(jln): fix base/.
 typedef scoped_ptr<FILE, FILECloser> ScopedFILE;
 
-struct DIRCloser {
-  void operator()(DIR* d) const {
-    DCHECK(d);
-    PCHECK(0 == closedir(d));
-  }
-};
-
-typedef scoped_ptr<DIR, DIRCloser> ScopedDIR;
-
 COMPILE_ASSERT((base::is_same<uid_t, gid_t>::value), UidAndGidAreSameType);
 // generic_id_t can be used for either uid_t or gid_t.
 typedef uid_t generic_id_t;
 
 // Write a uid or gid mapping from |id| to |id| in |map_file|.
 bool WriteToIdMapFile(const char* map_file, generic_id_t id) {
   ScopedFILE f(fopen(map_file, "w"));
   PCHECK(f);
   const uid_t inside_id = id;
   const uid_t outside_id = id;
@@ skipping 74 matching lines @@
 }  // namespace.
 
 namespace sandbox {
 
 Credentials::Credentials() {
 }
 
 Credentials::~Credentials() {
 }
 
-bool Credentials::HasOpenDirectory(int proc_fd) {
-  int proc_self_fd = -1;
-  if (proc_fd >= 0) {
-    proc_self_fd = openat(proc_fd, "self/fd", O_DIRECTORY | O_RDONLY);
-  } else {
-    proc_self_fd = openat(AT_FDCWD, "/proc/self/fd", O_DIRECTORY | O_RDONLY);
-    if (proc_self_fd < 0) {
-      // If not available, guess false.
-      // TODO(mostynb@opera.com): add a CHECK_EQ(ENOENT, errno); Figure out what
-      // other situations are here. http://crbug.com/314985
-      return false;
-    }
-  }
-  CHECK_GE(proc_self_fd, 0);
-
-  // Ownership of proc_self_fd is transferred here, it must not be closed
-  // or modified afterwards except via dir.
-  ScopedDIR dir(fdopendir(proc_self_fd));
-  CHECK(dir);
-
-  struct dirent e;
-  struct dirent* de;
-  while (!readdir_r(dir.get(), &e, &de) && de) {
-    if (strcmp(e.d_name, ".") == 0 || strcmp(e.d_name, "..") == 0) {
-      continue;
-    }
-
-    int fd_num;
-    CHECK(base::StringToInt(e.d_name, &fd_num));
-    if (fd_num == proc_fd || fd_num == proc_self_fd) {
-      continue;
-    }
-
-    struct stat s;
-    // It's OK to use proc_self_fd here, fstatat won't modify it.
-    CHECK(fstatat(proc_self_fd, e.d_name, &s, 0) == 0);
-    if (S_ISDIR(s.st_mode)) {
-      return true;
-    }
-  }
-
-  // No open unmanaged directories found.
-  return false;
-}
-
 bool Credentials::DropAllCapabilities() {
   ScopedCap cap(cap_init());
   CHECK(cap);
   PCHECK(0 == cap_set_proc(cap.get()));
   // We never let this function fail.
   return true;
 }
 
 bool Credentials::HasAnyCapability() const {
   ScopedCap current_cap(cap_get_proc());
@@ skipping 36 matching lines @@
   DCHECK(GetRESIds(NULL, NULL));
   const char kGidMapFile[] = "/proc/self/gid_map";
   const char kUidMapFile[] = "/proc/self/uid_map";
   CHECK(WriteToIdMapFile(kGidMapFile, gid));
   CHECK(WriteToIdMapFile(kUidMapFile, uid));
   DCHECK(GetRESIds(NULL, NULL));
   return true;
 }
 
 bool Credentials::DropFileSystemAccess() {
-  // Chrooting to a safe empty dir will only be safe if no directory file
-  // descriptor is available to the process.
-  DCHECK(!HasOpenDirectory(-1));
   return ChrootToSafeEmptyDir();
 }
 
 }  // namespace sandbox.