diff options
| author | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-07-16 21:15:43 +0000 |
|---|---|---|
| committer | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-07-16 21:15:43 +0000 |
| commit | 9a01143136ebef2586d03f923c9d63d2c54f5d45 (patch) | |
| tree | a90361ddc20497bb9078996ceb48f61659e8be6b /sandbox/linux | |
| parent | 3915802d4ea0d953067bad3f041106c4bbbc7c18 (diff) | |
| download | chromium_src-9a01143136ebef2586d03f923c9d63d2c54f5d45.zip chromium_src-9a01143136ebef2586d03f923c9d63d2c54f5d45.tar.gz chromium_src-9a01143136ebef2586d03f923c9d63d2c54f5d45.tar.bz2 | |
Linux sandbox unittests: make tests pass as root
Android sometimes run the tests as root. Make sure that our unittests
pass when running as root.
R=jorgelo@chromium.org
Review URL: https://codereview.chromium.org/19240009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@211842 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/linux')
| -rw-r--r-- | sandbox/linux/services/broker_process_unittest.cc | 49 |
1 files changed, 28 insertions, 21 deletions
diff --git a/sandbox/linux/services/broker_process_unittest.cc b/sandbox/linux/services/broker_process_unittest.cc index b6589ef..ee2b96a2 100644 --- a/sandbox/linux/services/broker_process_unittest.cc +++ b/sandbox/linux/services/broker_process_unittest.cc @@ -9,6 +9,8 @@ #include <sys/stat.h> #include <sys/types.h> #include <sys/wait.h> +#include <unistd.h> + #include <string> #include <vector> @@ -101,27 +103,32 @@ void TestOpenFilePerms(bool fast_check_in_client) { ret = open_broker.Access(kR_WhiteListed, R_OK | X_OK); ASSERT_EQ(ret, -EPERM); - fd = open_broker.Open(kR_WhiteListedButDenied, O_RDONLY); - // The broker process will allow this, but the normal permission system - // won't. - ASSERT_EQ(fd, -EACCES); - fd = open_broker.Open(kR_WhiteListedButDenied, O_WRONLY); - ASSERT_EQ(fd, -EPERM); - fd = open_broker.Open(kR_WhiteListedButDenied, O_RDWR); - ASSERT_EQ(fd, -EPERM); - ret = open_broker.Access(kR_WhiteListedButDenied, F_OK); - // The normal permission system will let us check that the file exist. - ASSERT_EQ(ret, 0); - ret = open_broker.Access(kR_WhiteListedButDenied, R_OK); - ASSERT_EQ(ret, -EACCES); - ret = open_broker.Access(kR_WhiteListedButDenied, W_OK); - ASSERT_EQ(ret, -EPERM); - ret = open_broker.Access(kR_WhiteListedButDenied, R_OK | W_OK); - ASSERT_EQ(ret, -EPERM); - ret = open_broker.Access(kR_WhiteListedButDenied, X_OK); - ASSERT_EQ(ret, -EPERM); - ret = open_broker.Access(kR_WhiteListedButDenied, R_OK | X_OK); - ASSERT_EQ(ret, -EPERM); + // Android sometimes runs tests as root. + // This part of the test requires a process that doesn't have + // CAP_DAC_OVERRIDE. We check against a root euid as a proxy for that. + if (geteuid()) { + fd = open_broker.Open(kR_WhiteListedButDenied, O_RDONLY); + // The broker process will allow this, but the normal permission system + // won't. + ASSERT_EQ(fd, -EACCES); + fd = open_broker.Open(kR_WhiteListedButDenied, O_WRONLY); + ASSERT_EQ(fd, -EPERM); + fd = open_broker.Open(kR_WhiteListedButDenied, O_RDWR); + ASSERT_EQ(fd, -EPERM); + ret = open_broker.Access(kR_WhiteListedButDenied, F_OK); + // The normal permission system will let us check that the file exists. + ASSERT_EQ(ret, 0); + ret = open_broker.Access(kR_WhiteListedButDenied, R_OK); + ASSERT_EQ(ret, -EACCES); + ret = open_broker.Access(kR_WhiteListedButDenied, W_OK); + ASSERT_EQ(ret, -EPERM); + ret = open_broker.Access(kR_WhiteListedButDenied, R_OK | W_OK); + ASSERT_EQ(ret, -EPERM); + ret = open_broker.Access(kR_WhiteListedButDenied, X_OK); + ASSERT_EQ(ret, -EPERM); + ret = open_broker.Access(kR_WhiteListedButDenied, R_OK | X_OK); + ASSERT_EQ(ret, -EPERM); + } fd = open_broker.Open(kW_WhiteListed, O_RDONLY); ASSERT_EQ(fd, -EPERM); |