diff options
| author | skerner@chromium.org <skerner@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-06-30 05:57:37 +0000 |
|---|---|---|
| committer | skerner@chromium.org <skerner@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-06-30 05:57:37 +0000 |
| commit | cadb40bdf4335ee89371b09a754cbf1197c68f73 (patch) | |
| tree | 231b6cbf99d5d38d22fc4fe0ead53f484ef1cf7a /chrome/browser/extensions | |
| parent | 6a1d0f520bbbad446501a1cfd94e7451671f2633 (diff) | |
| download | chromium_src-cadb40bdf4335ee89371b09a754cbf1197c68f73.zip chromium_src-cadb40bdf4335ee89371b09a754cbf1197c68f73.tar.gz chromium_src-cadb40bdf4335ee89371b09a754cbf1197c68f73.tar.bz2 | |
Loosen permission on extension temp dir when a flag is used.
Issue 35198 can not be reproduced locally. To enable users to do experiments, three command line flags are added to chrome:
--issue35198-crxdir-browser: Have the browser process create the directory in which the extension will be unzipped.
--issue35198-logging: Enable log messages from directory creation in the utility process to be moved to the browser process.
--issue35198-permission: Use the most permissive file permissions possible on the extension unpack directory.
BUG=35198
TEST=manual
Review URL: http://codereview.chromium.org/2802018
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@51231 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/extensions')
| -rw-r--r-- | chrome/browser/extensions/sandboxed_extension_unpacker.cc | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/chrome/browser/extensions/sandboxed_extension_unpacker.cc b/chrome/browser/extensions/sandboxed_extension_unpacker.cc index eda5e3f..c087649 100644 --- a/chrome/browser/extensions/sandboxed_extension_unpacker.cc +++ b/chrome/browser/extensions/sandboxed_extension_unpacker.cc @@ -42,8 +42,18 @@ void SandboxedExtensionUnpacker::Start() { // file IO on. CHECK(ChromeThread::GetCurrentThreadIdentifier(&thread_identifier_)); + // To understand crbug/35198, allow users who can reproduce the bug + // to loosen permissions on the scoped directory. + bool loosen_permissions = false; +#if defined (OS_WIN) + loosen_permissions = CommandLine::ForCurrentProcess()->HasSwitch( + switches::kIssue35198Permission); + LOG(INFO) << "loosen_permissions = " << loosen_permissions; +#endif + // Create a temporary directory to work in. - if (!temp_dir_.CreateUniqueTempDirUnderPath(temp_path_)) { + if (!temp_dir_.CreateUniqueTempDirUnderPath(temp_path_, + loosen_permissions)) { ReportFailure("Could not create temporary directory."); return; } @@ -52,6 +62,15 @@ void SandboxedExtensionUnpacker::Start() { extension_root_ = temp_dir_.path().AppendASCII( extension_filenames::kTempExtensionName); + // To understand crbug/35198, allow users who can reproduce the bug to + // create the unpack directory in the browser process. + bool crxdir_in_browser = CommandLine::ForCurrentProcess()->HasSwitch( + switches::kIssue35198CrxDirBrowser); + LOG(INFO) << "crxdir_in_browser = " << crxdir_in_browser; + if (crxdir_in_browser && !file_util::CreateDirectory(extension_root_)) { + LOG(ERROR) << "Failed to create directory " << extension_root_.value(); + } + // Extract the public key and validate the package. if (!ValidateSignature()) return; // ValidateSignature() already reported the error. @@ -69,9 +88,6 @@ void SandboxedExtensionUnpacker::Start() { // the link will cause file system access outside the sandbox path. FilePath normalized_crx_path; if (!file_util::NormalizeFilePath(temp_crx_path, &normalized_crx_path)) { - // TODO(skerner): Remove this logging once crbug/13044 is fixed. - // This bug is starred by many users who have some kind of link. - // If NormalizeFilePath() fails we want to see it in the logs they send. LOG(ERROR) << "Could not get the normalized path of " << temp_crx_path.value(); normalized_crx_path = temp_crx_path; |