summaryrefslogtreecommitdiffstats
path: root/mojo/shell/standalone
diff options
context:
space:
mode:
authorben <ben@chromium.org>2016-02-23 23:50:19 -0800
committerCommit bot <commit-bot@chromium.org>2016-02-24 07:51:20 +0000
commita16b491f249de01d84114889f2ea3a8aea966413 (patch)
treebf275c5f7a0fb4704e170b4d2aa112bec1288313 /mojo/shell/standalone
parent3436fa2dc73318d3dbaf6a6784d0ddee9be0243d (diff)
downloadchromium_src-a16b491f249de01d84114889f2ea3a8aea966413.zip
chromium_src-a16b491f249de01d84114889f2ea3a8aea966413.tar.gz
chromium_src-a16b491f249de01d84114889f2ea3a8aea966413.tar.bz2
Add a user id parameter to connections.
This is simply a uint32 that identifies the user running a particular instance. Note that the shell cares nothing about higher level semantic meaning/mapping of this identifier. That's for a user service to perform. An application that connects to another specifies the user id they wish the target to be run as. This can either be a specific user, the root user, or "inherit" which means either their own identity or root, whichever is available in that order. The application manager resolves "inherit" to the source identity or the root identity, and initializes & completes the connection. When a target application is initialized, the shell tells it (via Initialize()) the identity it is run as. When a target application receives an inbound connection, the shell tells it (via AcceptConnection) the identity of the caller. This allows a service run as root to service connections from other users, and create facades scoped to that user. Long term, only specific applications will be able to pass anything other than "inherit" as the user id. (e.g. the login app and the profile creator app). This isn't done in this CL. I need to add some tests for this, along with the rest of the shell stuff. TBD. R=sky@chromium.org CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_site_isolation Review URL: https://codereview.chromium.org/1719193003 Cr-Commit-Position: refs/heads/master@{#377239}
Diffstat (limited to 'mojo/shell/standalone')
-rw-r--r--mojo/shell/standalone/context.cc8
1 files changed, 5 insertions, 3 deletions
diff --git a/mojo/shell/standalone/context.cc b/mojo/shell/standalone/context.cc
index 2c49e73..a966020 100644
--- a/mojo/shell/standalone/context.cc
+++ b/mojo/shell/standalone/context.cc
@@ -155,9 +155,9 @@ void Context::Init(const base::FilePath& shell_file_root) {
new TracingInterfaceProvider(&tracer_, GetProxy(&tracing_local_interfaces));
scoped_ptr<ConnectParams> params(new ConnectParams);
- params->set_source(Identity(GURL("mojo:shell"), std::string(),
- GetPermissiveCapabilityFilter()));
+ params->set_source(CreateShellIdentity());
params->set_target(Identity(GURL("mojo:tracing"), std::string(),
+ mojom::Shell::kUserInherit,
GetPermissiveCapabilityFilter()));
params->set_remote_interfaces(GetProxy(&tracing_remote_interfaces));
params->set_local_interfaces(std::move(tracing_local_interfaces));
@@ -227,8 +227,10 @@ void Context::Run(const GURL& url) {
shell::mojom::InterfaceProviderPtr local_interfaces;
scoped_ptr<ConnectParams> params(new ConnectParams);
+ params->set_source(CreateShellIdentity());
params->set_target(
- Identity(url, std::string(), GetPermissiveCapabilityFilter()));
+ Identity(url, std::string(), mojom::Shell::kUserRoot,
+ GetPermissiveCapabilityFilter()));
params->set_remote_interfaces(GetProxy(&remote_interfaces));
params->set_local_interfaces(std::move(local_interfaces));
application_manager_->Connect(std::move(params));