Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7)

Side by Side Diff: sandbox/linux/services/broker_process_unittest.cc

Issue 11778056: Linux Sandbox: handle O_CREAT properly in broker process. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/services/broker_process.h" 5 #include "sandbox/linux/services/broker_process.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <fcntl.h> 8 #include <fcntl.h>
9 #include <sys/stat.h> 9 #include <sys/stat.h>
10 #include <sys/types.h> 10 #include <sys/types.h>
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after
92 fd = open_broker.Open(k_NotWhitelisted, O_RDONLY); 92 fd = open_broker.Open(k_NotWhitelisted, O_RDONLY);
93 EXPECT_EQ(fd, -EPERM); 93 EXPECT_EQ(fd, -EPERM);
94 fd = open_broker.Open(k_NotWhitelisted, O_WRONLY); 94 fd = open_broker.Open(k_NotWhitelisted, O_WRONLY);
95 EXPECT_EQ(fd, -EPERM); 95 EXPECT_EQ(fd, -EPERM);
96 fd = open_broker.Open(k_NotWhitelisted, O_RDWR); 96 fd = open_broker.Open(k_NotWhitelisted, O_RDWR);
97 EXPECT_EQ(fd, -EPERM); 97 EXPECT_EQ(fd, -EPERM);
98 98
99 // We have some extra sanity check for clearly wrong values. 99 // We have some extra sanity check for clearly wrong values.
100 fd = open_broker.Open(kRW_WhiteListed, O_RDONLY|O_WRONLY|O_RDWR); 100 fd = open_broker.Open(kRW_WhiteListed, O_RDONLY|O_WRONLY|O_RDWR);
101 EXPECT_EQ(fd, -EPERM); 101 EXPECT_EQ(fd, -EPERM);
102
103 // It makes no sense to allow O_CREAT in a 2-parameters open. Ensure this
104 // is denied.
105 fd = open_broker.Open(kRW_WhiteListed, O_RDWR|O_CREAT);
106 EXPECT_EQ(fd, -EPERM);
102 } 107 }
103 108
104 // Run the same thing twice. The second time, we make sure that no security 109 // Run the same thing twice. The second time, we make sure that no security
105 // check is performed on the client. 110 // check is performed on the client.
106 TEST(BrokerProcess, OpenFilePermsWithClientCheck) { 111 TEST(BrokerProcess, OpenFilePermsWithClientCheck) {
107 TestOpenFilePerms(true /* fast_check_in_client */); 112 TestOpenFilePerms(true /* fast_check_in_client */);
108 } 113 }
109 114
110 TEST(BrokerProcess, OpenOpenFilePermsNoClientCheck) { 115 TEST(BrokerProcess, OpenOpenFilePermsNoClientCheck) {
111 TestOpenFilePerms(false /* fast_check_in_client */); 116 TestOpenFilePerms(false /* fast_check_in_client */);
(...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after
278 283
279 TEST(BrokerProcess, ComplexFlagsWithClientCheck) { 284 TEST(BrokerProcess, ComplexFlagsWithClientCheck) {
280 TestComplexFlags(true /* fast_check_in_client */); 285 TestComplexFlags(true /* fast_check_in_client */);
281 } 286 }
282 287
283 TEST(BrokerProcess, ComplexFlagsNoClientCheck) { 288 TEST(BrokerProcess, ComplexFlagsNoClientCheck) {
284 TestComplexFlags(false /* fast_check_in_client */); 289 TestComplexFlags(false /* fast_check_in_client */);
285 } 290 }
286 291
287 } // namespace sandbox 292 } // namespace sandbox
OLDNEW
« sandbox/linux/services/broker_process.cc ('K') | « sandbox/linux/services/broker_process.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698