Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(153)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/services/credentials_unittest.cc

Issue 895853003: Update from https://crrev.com/314320 (Closed) Base URL: https://github.com/domokit/mojo.git@master
Patch Set: Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc ('k') | sandbox/linux/services/namespace_sandbox.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/services/credentials.h" 5 #include "sandbox/linux/services/credentials.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <fcntl.h> 8 #include <fcntl.h>
9 #include <stdio.h> 9 #include <stdio.h>
10 #include <sys/stat.h> 10 #include <sys/stat.h>
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
123 } 123 }
124 124
125 // Test the WorkingDirectoryIsRoot() helper. 125 // Test the WorkingDirectoryIsRoot() helper.
126 TEST(Credentials, CanDetectRoot) { 126 TEST(Credentials, CanDetectRoot) {
127 ASSERT_EQ(0, chdir("/proc/")); 127 ASSERT_EQ(0, chdir("/proc/"));
128 ASSERT_FALSE(WorkingDirectoryIsRoot()); 128 ASSERT_FALSE(WorkingDirectoryIsRoot());
129 ASSERT_EQ(0, chdir("/")); 129 ASSERT_EQ(0, chdir("/"));
130 ASSERT_TRUE(WorkingDirectoryIsRoot()); 130 ASSERT_TRUE(WorkingDirectoryIsRoot());
131 } 131 }
132 132
133 SANDBOX_TEST(Credentials, DISABLE_ON_LSAN(DropFileSystemAccessIsSafe)) { 133 // Disabled on ASAN because of crbug.com/451603.
134 SANDBOX_TEST(Credentials, DISABLE_ON_ASAN(DropFileSystemAccessIsSafe)) {
134 CHECK(Credentials::DropAllCapabilities()); 135 CHECK(Credentials::DropAllCapabilities());
135 // Probably missing kernel support. 136 // Probably missing kernel support.
136 if (!Credentials::MoveToNewUserNS()) return; 137 if (!Credentials::MoveToNewUserNS()) return;
137 CHECK(Credentials::DropFileSystemAccess()); 138 CHECK(Credentials::DropFileSystemAccess());
138 CHECK(!base::DirectoryExists(base::FilePath("/proc"))); 139 CHECK(!base::DirectoryExists(base::FilePath("/proc")));
139 CHECK(WorkingDirectoryIsRoot()); 140 CHECK(WorkingDirectoryIsRoot());
140 CHECK(base::IsDirectoryEmpty(base::FilePath("/"))); 141 CHECK(base::IsDirectoryEmpty(base::FilePath("/")));
141 // We want the chroot to never have a subdirectory. A subdirectory 142 // We want the chroot to never have a subdirectory. A subdirectory
142 // could allow a chroot escape. 143 // could allow a chroot escape.
143 CHECK_NE(0, mkdir("/test", 0700)); 144 CHECK_NE(0, mkdir("/test", 0700));
144 } 145 }
145 146
146 // Check that after dropping filesystem access and dropping privileges 147 // Check that after dropping filesystem access and dropping privileges
147 // it is not possible to regain capabilities. 148 // it is not possible to regain capabilities.
148 SANDBOX_TEST(Credentials, DISABLE_ON_LSAN(CannotRegainPrivileges)) { 149 SANDBOX_TEST(Credentials, DISABLE_ON_ASAN(CannotRegainPrivileges)) {
149 CHECK(Credentials::DropAllCapabilities()); 150 CHECK(Credentials::DropAllCapabilities());
150 // Probably missing kernel support. 151 // Probably missing kernel support.
151 if (!Credentials::MoveToNewUserNS()) return; 152 if (!Credentials::MoveToNewUserNS()) return;
152 CHECK(Credentials::DropFileSystemAccess()); 153 CHECK(Credentials::DropFileSystemAccess());
153 CHECK(Credentials::DropAllCapabilities()); 154 CHECK(Credentials::DropAllCapabilities());
154 155
155 // The kernel should now prevent us from regaining capabilities because we 156 // The kernel should now prevent us from regaining capabilities because we
156 // are in a chroot. 157 // are in a chroot.
157 CHECK(!Credentials::CanCreateProcessInNewUserNS()); 158 CHECK(!Credentials::CanCreateProcessInNewUserNS());
158 CHECK(!Credentials::MoveToNewUserNS()); 159 CHECK(!Credentials::MoveToNewUserNS());
159 } 160 }
160 161
161 } // namespace. 162 } // namespace.
162 163
163 } // namespace sandbox. 164 } // namespace sandbox.
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc ('k') | sandbox/linux/services/namespace_sandbox.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698