author | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-01 22:55:55 +0000 |
---|---|---|
committer | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-01 22:55:55 +0000 |
commit | 14c105f94902b18ec03072ff664ca9214569ca09 (patch) | |
tree | e91a06dd5ce63ba300b1a7d1be59d20755a7dec9 | |
parent | 11f39b3a06be5aa6e828b3e02b201639006bf3e0 (diff) | |
Merge 123147 - Grant Flash read access to Talk application directory.
This makes the Talk plugin work with sandboxed Flash.
Copied from https://chromiumcodereview.appspot.com/9433016/
BUG=113891
Review URL: http://codereview.chromium.org/9429031
TBR=jschuh@chromium.org
Review URL: https://chromiumcodereview.appspot.com/9569039
git-svn-id: svn://svn.chromium.org/chrome/branches/1025/src@124514 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | chrome/common/chrome_content_client.cc | 31 |
1 files changed, 25 insertions, 6 deletions
diff --git a/chrome/common/chrome_content_client.cc b/chrome/common/chrome_content_client.cc
index c60a9cb..b763ecb 100644
--- a/chrome/common/chrome_content_client.cc
+++ b/chrome/common/chrome_content_client.cc
@@ -13,7 +13,6 @@
 #include "base/string_split.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
-#include "base/win/windows_version.h"
 #include "chrome/common/child_process_logging.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
@@ -29,6 +28,8 @@
 #include "webkit/plugins/plugin_constants.h"

 #if defined(OS_WIN)
+#include "base/win/registry.h"
+#include "base/win/windows_version.h"
 #include "sandbox/src/sandbox.h"
 #elif defined(OS_MACOSX)
 #include "chrome/common/chrome_sandbox_type_mac.h"
@@ -386,15 +387,33 @@ bool ChromeContentClient::SandboxPlugin(CommandLine* command_line,
 }

 // Add the policy for the pipes.
- sandbox::ResultCode result = sandbox::SBOX_ALL_OK;
- result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
- sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
- L"\\\\.\\pipe\\chrome.*");
- if (result != sandbox::SBOX_ALL_OK) {
+ if (policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
+ sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
+ L"\\\\.\\pipe\\chrome.*") != sandbox::SBOX_ALL_OK) {
 NOTREACHED();
 return false;
 }

+ // Allow Talk's camera control.
+ base::win::RegKey talk_key(HKEY_CURRENT_USER,
+ L"Software\\Google\\Google Talk Plugin",
+ KEY_READ);
+ if (talk_key.Valid()) {
+ string16 install_dir;
+ if (talk_key.ReadValue(L"install_dir", &install_dir) == ERROR_SUCCESS) {
+ if (install_dir[install_dir.size() - 1] != '\\')
+ install_dir.append(L"\\*");
+ else
+ install_dir.append(L"*");
+ // This is not a hard failure because a reparse point in the path can
+ // cause the rule to fail, but we should not abort sandboxing.
+ DCHECK_EQ(policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
+ sandbox::TargetPolicy::FILES_ALLOW_READONLY,
+ install_dir.c_str()), sandbox::SBOX_ALL_OK);
+ }
+ talk_key.Close();
+ }
+
 // Spawn the flash broker and apply sandbox policy.
 if (LoadFlashBroker(plugin_path, command_line)) {
 // UI job restrictions break windowless Flash, so just pick up single |
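Review bot: The added `DCHECK_EQ(policy->AddRule(...), sandbox::SBOX_ALL_OK)` places the call that installs the Talk file rule inside an assertion macro, and DCHECK arguments are normally not evaluated in release builds, so the read-only rule would likely never be added there; the call should be made into a local `sandbox::ResultCode` and the assertion applied to that variable. A few lines earlier, `install_dir[install_dir.size() - 1]` indexes out of range when the registry value exists but is empty, so the `ReadValue` condition should also require `!install_dir.empty()`. Because `install_dir` is read from HKEY_CURRENT_USER, the sandboxed plugin gets read access to whatever directory that per-user value names; a comment stating that trust assumption, or a check on the path if one is feasible, would make the policy easier to audit. `SandboxPlugin` begins and ends outside this hunk.

```cpp
    if (talk_key.ReadValue(L"install_dir", &install_dir) == ERROR_SUCCESS &&
        !install_dir.empty()) {
      // … unchanged: append "\\*" or "*" to install_dir …
      // Not a hard failure: a reparse point in the path can make the rule
      // fail. The call stays outside DCHECK so that it always runs.
      sandbox::ResultCode talk_result =
          policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
                          sandbox::TargetPolicy::FILES_ALLOW_READONLY,
                          install_dir.c_str());
      DCHECK_EQ(talk_result, sandbox::SBOX_ALL_OK);
    }
```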