Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(452)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/suid/client/setuid_sandbox_host_unittest.cc

Issue 877153005: sandbox: extract SetuidSandboxHost code from SetuidSandboxClient (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Respond to rickyz feedback Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« sandbox/linux/suid/client/setuid_sandbox_host.cc ('K') | « sandbox/linux/suid/client/setuid_sandbox_host.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
jln (very slow on Chromium) 2015/02/04 23:28:24 2015
mdempsky 2015/02/05 03:02:08 Done.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/suid/client/setuid_sandbox_host.h"
6
hidehiko 2015/02/04 15:40:05 nit: Following the source code, maybe #include <st
mdempsky 2015/02/05 03:02:08 Done.
5 #include "base/environment.h" 7 #include "base/environment.h"
6 #include "base/logging.h" 8 #include "base/logging.h"
7 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
8 #include "base/strings/string_number_conversions.h" 10 #include "base/strings/string_number_conversions.h"
9 #include "sandbox/linux/suid/client/setuid_sandbox_client.h"
10 #include "sandbox/linux/suid/common/sandbox.h" 11 #include "sandbox/linux/suid/common/sandbox.h"
11 #include "testing/gtest/include/gtest/gtest.h" 12 #include "testing/gtest/include/gtest/gtest.h"
12 13
13 namespace sandbox { 14 namespace sandbox {
14 15
15 TEST(SetuidSandboxClient, SetupLaunchEnvironment) { 16 TEST(SetuidSandboxHost, SetupLaunchEnvironment) {
16 const char kTestValue[] = "This is a test"; 17 const char kTestValue[] = "This is a test";
17 scoped_ptr<base::Environment> env(base::Environment::Create()); 18 scoped_ptr<base::Environment> env(base::Environment::Create());
18 EXPECT_TRUE(env != NULL); 19 EXPECT_TRUE(env != NULL);
19 20
20 std::string saved_ld_preload; 21 std::string saved_ld_preload;
21 bool environment_had_ld_preload; 22 bool environment_had_ld_preload;
22 // First, back-up the real LD_PRELOAD if any. 23 // First, back-up the real LD_PRELOAD if any.
23 environment_had_ld_preload = env->GetVar("LD_PRELOAD", &saved_ld_preload); 24 environment_had_ld_preload = env->GetVar("LD_PRELOAD", &saved_ld_preload);
24 // Setup environment variables to save or not save. 25 // Setup environment variables to save or not save.
25 EXPECT_TRUE(env->SetVar("LD_PRELOAD", kTestValue)); 26 EXPECT_TRUE(env->SetVar("LD_PRELOAD", kTestValue));
26 EXPECT_TRUE(env->UnSetVar("LD_ORIGIN_PATH")); 27 EXPECT_TRUE(env->UnSetVar("LD_ORIGIN_PATH"));
27 28
28 scoped_ptr<SetuidSandboxClient> 29 scoped_ptr<SetuidSandboxHost>
29 sandbox_client(SetuidSandboxClient::Create()); 30 sandbox_host(SetuidSandboxHost::Create());
30 EXPECT_TRUE(sandbox_client != NULL); 31 EXPECT_TRUE(sandbox_host != NULL);
31 32
32 // Make sure the environment is clean. 33 // Make sure the environment is clean.
33 EXPECT_TRUE(env->UnSetVar(kSandboxEnvironmentApiRequest)); 34 EXPECT_TRUE(env->UnSetVar(kSandboxEnvironmentApiRequest));
34 EXPECT_TRUE(env->UnSetVar(kSandboxEnvironmentApiProvides)); 35 EXPECT_TRUE(env->UnSetVar(kSandboxEnvironmentApiProvides));
35 36
36 sandbox_client->SetupLaunchEnvironment(); 37 sandbox_host->SetupLaunchEnvironment();
37 38
38 // Check if the requested API environment was set. 39 // Check if the requested API environment was set.
39 std::string api_request; 40 std::string api_request;
40 EXPECT_TRUE(env->GetVar(kSandboxEnvironmentApiRequest, &api_request)); 41 EXPECT_TRUE(env->GetVar(kSandboxEnvironmentApiRequest, &api_request));
41 int api_request_num; 42 int api_request_num;
42 EXPECT_TRUE(base::StringToInt(api_request, &api_request_num)); 43 EXPECT_TRUE(base::StringToInt(api_request, &api_request_num));
43 EXPECT_EQ(api_request_num, kSUIDSandboxApiNumber); 44 EXPECT_EQ(api_request_num, kSUIDSandboxApiNumber);
44 45
45 // Now check if LD_PRELOAD was saved to SANDBOX_LD_PRELOAD. 46 // Now check if LD_PRELOAD was saved to SANDBOX_LD_PRELOAD.
46 std::string sandbox_ld_preload; 47 std::string sandbox_ld_preload;
47 EXPECT_TRUE(env->GetVar("SANDBOX_LD_PRELOAD", &sandbox_ld_preload)); 48 EXPECT_TRUE(env->GetVar("SANDBOX_LD_PRELOAD", &sandbox_ld_preload));
48 EXPECT_EQ(sandbox_ld_preload, kTestValue); 49 EXPECT_EQ(sandbox_ld_preload, kTestValue);
49 50
50 // Check that LD_ORIGIN_PATH was not saved. 51 // Check that LD_ORIGIN_PATH was not saved.
51 EXPECT_FALSE(env->HasVar("SANDBOX_LD_ORIGIN_PATH")); 52 EXPECT_FALSE(env->HasVar("SANDBOX_LD_ORIGIN_PATH"));
52 53
53 // We should not forget to restore LD_PRELOAD at the end, or this environment 54 // We should not forget to restore LD_PRELOAD at the end, or this environment
54 // variable will affect the next running tests! 55 // variable will affect the next running tests!
55 if (environment_had_ld_preload) { 56 if (environment_had_ld_preload) {
56 EXPECT_TRUE(env->SetVar("LD_PRELOAD", saved_ld_preload)); 57 EXPECT_TRUE(env->SetVar("LD_PRELOAD", saved_ld_preload));
57 } else { 58 } else {
58 EXPECT_TRUE(env->UnSetVar("LD_PRELOAD")); 59 EXPECT_TRUE(env->UnSetVar("LD_PRELOAD"));
59 } 60 }
60 } 61 }
61 62
62 TEST(SetuidSandboxClient, SandboxedClientAPI) {
63 scoped_ptr<base::Environment> env(base::Environment::Create());
64 EXPECT_TRUE(env != NULL);
65
66 scoped_ptr<SetuidSandboxClient>
67 sandbox_client(SetuidSandboxClient::Create());
68 EXPECT_TRUE(sandbox_client != NULL);
69
70 // Set-up a fake environment as if we went through the setuid sandbox.
71 EXPECT_TRUE(env->SetVar(kSandboxEnvironmentApiProvides,
72 base::IntToString(kSUIDSandboxApiNumber)));
73 EXPECT_TRUE(env->SetVar(kSandboxDescriptorEnvironmentVarName, "1"));
74 EXPECT_TRUE(env->SetVar(kSandboxPIDNSEnvironmentVarName, "1"));
75 EXPECT_TRUE(env->UnSetVar(kSandboxNETNSEnvironmentVarName));
76
77 // Check the API.
78 EXPECT_TRUE(sandbox_client->IsSuidSandboxUpToDate());
79 EXPECT_TRUE(sandbox_client->IsSuidSandboxChild());
80 EXPECT_TRUE(sandbox_client->IsInNewPIDNamespace());
81 EXPECT_FALSE(sandbox_client->IsInNewNETNamespace());
82
83 // Forge an incorrect API version and check.
84 EXPECT_TRUE(env->SetVar(kSandboxEnvironmentApiProvides,
85 base::IntToString(kSUIDSandboxApiNumber + 1)));
86 EXPECT_FALSE(sandbox_client->IsSuidSandboxUpToDate());
87 // We didn't go through the actual sandboxing mechanism as it is
88 // very hard in a unit test.
89 EXPECT_FALSE(sandbox_client->IsSandboxed());
90 }
91
92 // This test doesn't accomplish much, but will make sure that analysis tools 63 // This test doesn't accomplish much, but will make sure that analysis tools
93 // will run this codepath. 64 // will run this codepath.
94 TEST(SetuidSandboxClient, GetSandboxBinaryPath) { 65 TEST(SetuidSandboxHost, GetSandboxBinaryPath) {
95 scoped_ptr<SetuidSandboxClient> setuid_sandbox_client( 66 scoped_ptr<SetuidSandboxHost> setuid_sandbox_host(
96 SetuidSandboxClient::Create()); 67 SetuidSandboxHost::Create());
97 ignore_result(setuid_sandbox_client->GetSandboxBinaryPath()); 68 ignore_result(setuid_sandbox_host->GetSandboxBinaryPath());
98 } 69 }
99 70
100 } // namespace sandbox 71 } // namespace sandbox
101 72
OLDNEW
« sandbox/linux/suid/client/setuid_sandbox_host.cc ('K') | « sandbox/linux/suid/client/setuid_sandbox_host.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698