ChildProcessSecurityPolicy: Add CopyIntoFileSystem permission.

This change adds a CopyInto permission into the ChildProcessSecurityPolicy. This permission is used by the Media Galleries API write support, which we hope to get into M30. Currently, it's implemented by granting Create. Eventually, we want CopyInto to be a more restricted permission. This requires divorcing the ChildProcessSecurityPolicy class from PlatformFile access mode flags, which is an in-process CL. See: - Bug: http://crbug.com/262142 - CL: https://codereview.chromium.org/19599006/ BUG=NONE Review URL: https://chromiumcodereview.appspot.com/19639003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@213166 0039d316-1c4b-4281-b951-d872f2087c98
author: tommycli@chromium.org <tommycli@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-07-23 18:04:45 +0000
committer: tommycli@chromium.org <tommycli@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-07-23 18:04:45 +0000
commit: b78c188fa6f3cab07da0584e61e395bc94a73bc4 (patch)
tree: 371c89d009319a1be1162859d7f8c0033a2f94c9 /content/browser/child_process_security_policy_impl.cc
parent: f0e476d543294624435c8f7b1576330056cf9942 (diff)
download: chromium_src-b78c188fa6f3cab07da0584e61e395bc94a73bc4.zip
chromium_src-b78c188fa6f3cab07da0584e61e395bc94a73bc4.tar.gz
chromium_src-b78c188fa6f3cab07da0584e61e395bc94a73bc4.tar.bz2
1 files changed, 17 insertions, 0 deletions
diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc
index f9ba44e..ecdff0c 100644
--- a/content/browser/child_process_security_policy_impl.cc
+++ b/content/browser/child_process_security_policy_impl.cc
@@ -485,6 +485,14 @@ void ChildProcessSecurityPolicyImpl::GrantCreateFileForFileSystem(
                                 kCreateFilePermissions);
 }
 
+void ChildProcessSecurityPolicyImpl::GrantCopyIntoFileSystem(
+    int child_id, const std::string& filesystem_id) {
+  // TODO(tommycli): These granted permissions a bit too broad, but not abused.
+  // We are fixing in http://crbug.com/262142 and associated CL.
+  GrantPermissionsForFileSystem(child_id, filesystem_id,
+                                kCreateFilePermissions);
+}
+
 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id,
                                                  const std::string& scheme) {
   base::AutoLock lock(lock_);
@@ -623,6 +631,15 @@ bool ChildProcessSecurityPolicyImpl::CanReadWriteFileSystem(
                                      kWriteFilePermissions);
 }
 
+bool ChildProcessSecurityPolicyImpl::CanCopyIntoFileSystem(
+    int child_id, const std::string& filesystem_id) {
+  // TODO(tommycli): These granted permissions a bit too broad, but not abused.
+  // We are fixing in http://crbug.com/262142 and associated CL.
+  return HasPermissionsForFileSystem(child_id,
+                                     filesystem_id,
+                                     kCreateFilePermissions);
+}
+
 bool ChildProcessSecurityPolicyImpl::HasPermissionsForFile(
     int child_id, const base::FilePath& file, int permissions) {
   base::AutoLock lock(lock_);
author	tommycli@chromium.org <tommycli@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-07-23 18:04:45 +0000
committer	tommycli@chromium.org <tommycli@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-07-23 18:04:45 +0000
commit	b78c188fa6f3cab07da0584e61e395bc94a73bc4 (patch)
tree	371c89d009319a1be1162859d7f8c0033a2f94c9 /content/browser/child_process_security_policy_impl.cc
parent	f0e476d543294624435c8f7b1576330056cf9942 (diff)
download	chromium_src-b78c188fa6f3cab07da0584e61e395bc94a73bc4.zip chromium_src-b78c188fa6f3cab07da0584e61e395bc94a73bc4.tar.gz chromium_src-b78c188fa6f3cab07da0584e61e395bc94a73bc4.tar.bz2