Chromium Code Reviews Chromium Code Reviews
Issue 19599006:
ChildProcessSecurityPolicy: Deprecate bitmask-based permissions checks for files. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 42 base::PLATFORM_FILE_ASYNC | | 42 base::PLATFORM_FILE_ASYNC | |
| 43 base::PLATFORM_FILE_WRITE_ATTRIBUTES; | 43 base::PLATFORM_FILE_WRITE_ATTRIBUTES; |
| 44 | 44 |
| 45 const int kCreateFilePermissions = | 45 const int kCreateFilePermissions = |
| 46 base::PLATFORM_FILE_CREATE; | 46 base::PLATFORM_FILE_CREATE; |
| 47 | 47 |
| 48 const int kEnumerateDirectoryPermissions = | 48 const int kEnumerateDirectoryPermissions = |
| 49 kReadFilePermissions | | 49 kReadFilePermissions | |
| 50 base::PLATFORM_FILE_ENUMERATE; | 50 base::PLATFORM_FILE_ENUMERATE; |
| 51 | 51 |
| 52 const int kReadWriteFilePermissions = | 52 const int kCreateReadWriteFilePermissions = |
| 53 base::PLATFORM_FILE_OPEN | | 53 base::PLATFORM_FILE_OPEN | |
| 54 base::PLATFORM_FILE_CREATE | | 54 base::PLATFORM_FILE_CREATE | |
| 55 base::PLATFORM_FILE_OPEN_ALWAYS | | 55 base::PLATFORM_FILE_OPEN_ALWAYS | |
| 56 base::PLATFORM_FILE_CREATE_ALWAYS | | 56 base::PLATFORM_FILE_CREATE_ALWAYS | |
| 57 base::PLATFORM_FILE_OPEN_TRUNCATED | | 57 base::PLATFORM_FILE_OPEN_TRUNCATED | |
| 58 base::PLATFORM_FILE_READ | | 58 base::PLATFORM_FILE_READ | |
| 59 base::PLATFORM_FILE_WRITE | | 59 base::PLATFORM_FILE_WRITE | |
| 60 base::PLATFORM_FILE_EXCLUSIVE_READ | | 60 base::PLATFORM_FILE_EXCLUSIVE_READ | |
| 61 base::PLATFORM_FILE_EXCLUSIVE_WRITE | | 61 base::PLATFORM_FILE_EXCLUSIVE_WRITE | |
| 62 base::PLATFORM_FILE_ASYNC | | 62 base::PLATFORM_FILE_ASYNC | |
| 63 base::PLATFORM_FILE_WRITE_ATTRIBUTES; | 63 base::PLATFORM_FILE_WRITE_ATTRIBUTES; |
| 64 | 64 |
| 65 const int kCreateWriteFilePermissions = | 65 const int kCreateWriteFilePermissions = |
|
tommycli
2013/07/17 22:31:11
Here I added EXCLUSIVE_WRITE to the list. Otherwis
vandebo (ex-Chrome)
2013/07/18 15:16:59
Maybe... Please make sure the the security reviewe
| |
| 66 base::PLATFORM_FILE_CREATE | | 66 kCreateFilePermissions | |
| 67 base::PLATFORM_FILE_CREATE_ALWAYS | | 67 kWriteFilePermissions | |
| 68 base::PLATFORM_FILE_OPEN | | 68 base::PLATFORM_FILE_CREATE_ALWAYS | |
| 69 base::PLATFORM_FILE_OPEN_ALWAYS | | 69 base::PLATFORM_FILE_OPEN_ALWAYS | |
| 70 base::PLATFORM_FILE_OPEN_TRUNCATED | | 70 base::PLATFORM_FILE_OPEN_TRUNCATED; |
| 71 base::PLATFORM_FILE_WRITE | | |
| 72 base::PLATFORM_FILE_WRITE_ATTRIBUTES | | |
| 73 base::PLATFORM_FILE_ASYNC; | |
| 74 // need EXCLUSIVE_WRITE in this mix? | |
| 75 | 71 |
| 76 } // namespace | 72 } // namespace |
| 77 | 73 |
| 78 // The SecurityState class is used to maintain per-child process security state | 74 // The SecurityState class is used to maintain per-child process security state |
| 79 // information. | 75 // information. |
| 80 class ChildProcessSecurityPolicyImpl::SecurityState { | 76 class ChildProcessSecurityPolicyImpl::SecurityState { |
| 81 public: | 77 public: |
| 82 SecurityState() | 78 SecurityState() |
| 83 : enabled_bindings_(0), | 79 : enabled_bindings_(0), |
| 84 can_read_raw_cookies_(false) { } | 80 can_read_raw_cookies_(false) { } |
| (...skipping 342 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 427 } | 423 } |
| 428 } | 424 } |
| 429 | 425 |
| 430 void ChildProcessSecurityPolicyImpl::GrantReadFile(int child_id, | 426 void ChildProcessSecurityPolicyImpl::GrantReadFile(int child_id, |
| 431 const base::FilePath& file) { | 427 const base::FilePath& file) { |
| 432 GrantPermissionsForFile(child_id, file, kReadFilePermissions); | 428 GrantPermissionsForFile(child_id, file, kReadFilePermissions); |
| 433 } | 429 } |
| 434 | 430 |
| 435 void ChildProcessSecurityPolicyImpl::GrantCreateReadWriteFile( | 431 void ChildProcessSecurityPolicyImpl::GrantCreateReadWriteFile( |
| 436 int child_id, const base::FilePath& file) { | 432 int child_id, const base::FilePath& file) { |
| 437 GrantPermissionsForFile(child_id, file, kReadWriteFilePermissions); | 433 GrantPermissionsForFile(child_id, file, kCreateReadWriteFilePermissions); |
| 438 } | 434 } |
| 439 | 435 |
| 440 void ChildProcessSecurityPolicyImpl::GrantCreateWriteFile( | 436 void ChildProcessSecurityPolicyImpl::GrantCreateWriteFile( |
| 441 int child_id, const base::FilePath& file) { | 437 int child_id, const base::FilePath& file) { |
| 442 GrantPermissionsForFile(child_id, file, kCreateWriteFilePermissions); | 438 GrantPermissionsForFile(child_id, file, kCreateWriteFilePermissions); |
| 443 } | 439 } |
| 444 | 440 |
| 445 void ChildProcessSecurityPolicyImpl::GrantReadDirectory( | 441 void ChildProcessSecurityPolicyImpl::GrantReadDirectory( |
| 446 int child_id, const base::FilePath& directory) { | 442 int child_id, const base::FilePath& directory) { |
| 447 GrantPermissionsForFile(child_id, directory, kEnumerateDirectoryPermissions); | 443 GrantPermissionsForFile(child_id, directory, kEnumerateDirectoryPermissions); |
| (...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 594 // allowed to request the URL. | 590 // allowed to request the URL. |
| 595 return state->second->CanRequestURL(url); | 591 return state->second->CanRequestURL(url); |
| 596 } | 592 } |
| 597 } | 593 } |
| 598 | 594 |
| 599 bool ChildProcessSecurityPolicyImpl::CanReadFile(int child_id, | 595 bool ChildProcessSecurityPolicyImpl::CanReadFile(int child_id, |
| 600 const base::FilePath& file) { | 596 const base::FilePath& file) { |
| 601 return HasPermissionsForFile(child_id, file, kReadFilePermissions); | 597 return HasPermissionsForFile(child_id, file, kReadFilePermissions); |
| 602 } | 598 } |
| 603 | 599 |
| 600 bool ChildProcessSecurityPolicyImpl::CanWriteFile(int child_id, | |
| 601 const base::FilePath& file) { | |
| 602 return HasPermissionsForFile(child_id, file, kWriteFilePermissions); | |
| 603 } | |
| 604 | |
| 605 bool ChildProcessSecurityPolicyImpl::CanCreateFile(int child_id, | |
| 606 const base::FilePath& file) { | |
| 607 return HasPermissionsForFile(child_id, file, kCreateFilePermissions); | |
| 608 } | |
| 609 | |
| 610 bool ChildProcessSecurityPolicyImpl::CanCreateReadWriteFile( | |
| 611 int child_id, | |
| 612 const base::FilePath& file) { | |
| 613 return HasPermissionsForFile(child_id, file, kCreateReadWriteFilePermissions); | |
| 614 } | |
| 615 | |
| 604 bool ChildProcessSecurityPolicyImpl::CanReadDirectory( | 616 bool ChildProcessSecurityPolicyImpl::CanReadDirectory( |
| 605 int child_id, const base::FilePath& directory) { | 617 int child_id, const base::FilePath& directory) { |
| 606 return HasPermissionsForFile(child_id, | 618 return HasPermissionsForFile(child_id, |
| 607 directory, | 619 directory, |
| 608 kEnumerateDirectoryPermissions); | 620 kEnumerateDirectoryPermissions); |
| 609 } | 621 } |
| 610 | 622 |
| 611 bool ChildProcessSecurityPolicyImpl::CanReadFileSystem( | 623 bool ChildProcessSecurityPolicyImpl::CanReadFileSystem( |
| 612 int child_id, const std::string& filesystem_id) { | 624 int child_id, const std::string& filesystem_id) { |
| 613 return HasPermissionsForFileSystem(child_id, | 625 return HasPermissionsForFileSystem(child_id, |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 674 | 686 |
| 675 if (found->second & fileapi::FILE_PERMISSION_USE_FILE_PERMISSION) | 687 if (found->second & fileapi::FILE_PERMISSION_USE_FILE_PERMISSION) |
| 676 return HasPermissionsForFile(child_id, url.path(), permissions); | 688 return HasPermissionsForFile(child_id, url.path(), permissions); |
| 677 | 689 |
| 678 if (found->second & fileapi::FILE_PERMISSION_SANDBOX) | 690 if (found->second & fileapi::FILE_PERMISSION_SANDBOX) |
| 679 return true; | 691 return true; |
| 680 | 692 |
| 681 return false; | 693 return false; |
| 682 } | 694 } |
| 683 | 695 |
| 696 bool ChildProcessSecurityPolicyImpl::CanReadFileSystemFile( | |
| 697 int child_id, | |
| 698 const fileapi::FileSystemURL& url) { | |
| 699 return HasPermissionsForFileSystemFile(child_id, url, kReadFilePermissions); | |
| 700 } | |
| 701 | |
| 702 bool ChildProcessSecurityPolicyImpl::CanWriteFileSystemFile( | |
| 703 int child_id, | |
| 704 const fileapi::FileSystemURL& url) { | |
| 705 return HasPermissionsForFileSystemFile(child_id, url, kWriteFilePermissions); | |
| 706 } | |
| 707 | |
| 708 bool ChildProcessSecurityPolicyImpl::CanCreateFileSystemFile( | |
| 709 int child_id, | |
| 710 const fileapi::FileSystemURL& url) { | |
| 711 return HasPermissionsForFileSystemFile(child_id, url, kCreateFilePermissions); | |
| 712 } | |
| 713 | |
| 714 bool ChildProcessSecurityPolicyImpl::CanCreateReadWriteFileSystemFile( | |
| 715 int child_id, | |
| 716 const fileapi::FileSystemURL& url) { | |
| 717 return HasPermissionsForFileSystemFile(child_id, url, | |
| 718 kCreateReadWriteFilePermissions); | |
| 719 } | |
| 720 | |
| 684 bool ChildProcessSecurityPolicyImpl::HasWebUIBindings(int child_id) { | 721 bool ChildProcessSecurityPolicyImpl::HasWebUIBindings(int child_id) { |
| 685 base::AutoLock lock(lock_); | 722 base::AutoLock lock(lock_); |
| 686 | 723 |
| 687 SecurityStateMap::iterator state = security_state_.find(child_id); | 724 SecurityStateMap::iterator state = security_state_.find(child_id); |
| 688 if (state == security_state_.end()) | 725 if (state == security_state_.end()) |
| 689 return false; | 726 return false; |
| 690 | 727 |
| 691 return state->second->has_web_ui_bindings(); | 728 return state->second->has_web_ui_bindings(); |
| 692 } | 729 } |
| 693 | 730 |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 771 } | 808 } |
| 772 | 809 |
| 773 void ChildProcessSecurityPolicyImpl::RegisterFileSystemPermissionPolicy( | 810 void ChildProcessSecurityPolicyImpl::RegisterFileSystemPermissionPolicy( |
| 774 fileapi::FileSystemType type, | 811 fileapi::FileSystemType type, |
| 775 int policy) { | 812 int policy) { |
| 776 base::AutoLock lock(lock_); | 813 base::AutoLock lock(lock_); |
| 777 file_system_policy_map_[type] = policy; | 814 file_system_policy_map_[type] = policy; |
| 778 } | 815 } |
| 779 | 816 |
| 780 } // namespace content | 817 } // namespace content |
| OLD | NEW |
