| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
| 6 | 6 |
| 7 #include "base/file_path.h" | 7 #include "base/file_path.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
| 10 #include "base/platform_file.h" | 10 #include "base/platform_file.h" |
| (...skipping 381 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 392 state->second->RevokeAllPermissionsForFile(file); | 392 state->second->RevokeAllPermissionsForFile(file); |
| 393 } | 393 } |
| 394 | 394 |
| 395 void ChildProcessSecurityPolicyImpl::GrantReadFileSystem( | 395 void ChildProcessSecurityPolicyImpl::GrantReadFileSystem( |
| 396 int child_id, const std::string& filesystem_id) { | 396 int child_id, const std::string& filesystem_id) { |
| 397 GrantPermissionsForFileSystem(child_id, filesystem_id, kReadFilePermissions); | 397 GrantPermissionsForFileSystem(child_id, filesystem_id, kReadFilePermissions); |
| 398 } | 398 } |
| 399 | 399 |
| 400 void ChildProcessSecurityPolicyImpl::GrantReadWriteFileSystem( | 400 void ChildProcessSecurityPolicyImpl::GrantReadWriteFileSystem( |
| 401 int child_id, const std::string& filesystem_id) { | 401 int child_id, const std::string& filesystem_id) { |
| 402 fileapi::IsolatedContext::GetInstance()->SetWritable(filesystem_id, true); |
| 402 GrantPermissionsForFileSystem(child_id, filesystem_id, | 403 GrantPermissionsForFileSystem(child_id, filesystem_id, |
| 403 kReadFilePermissions | | 404 kReadFilePermissions | |
| 404 kWriteFilePermissions); | 405 kWriteFilePermissions); |
| 405 } | 406 } |
| 406 | 407 |
| 407 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id, | 408 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id, |
| 408 const std::string& scheme) { | 409 const std::string& scheme) { |
| 409 base::AutoLock lock(lock_); | 410 base::AutoLock lock(lock_); |
| 410 | 411 |
| 411 SecurityStateMap::iterator state = security_state_.find(child_id); | 412 SecurityStateMap::iterator state = security_state_.find(child_id); |
| (...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 611 int child_id, | 612 int child_id, |
| 612 const std::string& filesystem_id, | 613 const std::string& filesystem_id, |
| 613 int permission) { | 614 int permission) { |
| 614 base::AutoLock lock(lock_); | 615 base::AutoLock lock(lock_); |
| 615 | 616 |
| 616 SecurityStateMap::iterator state = security_state_.find(child_id); | 617 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 617 if (state == security_state_.end()) | 618 if (state == security_state_.end()) |
| 618 return false; | 619 return false; |
| 619 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); | 620 return state->second->HasPermissionsForFileSystem(filesystem_id, permission); |
| 620 } | 621 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10540070:
Make Isolated file system writable only if it is configured so (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src