authorjln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-04-15 05:30:30 +0000
committerjln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-04-15 05:30:30 +0000
commitbe6d0e4c0f7f150410b56a3b6a8114054345d26a (patch)
tree99cb1030247b833c1c464a40b3856b49db3c58d5 /sandbox/linux
parent9d2567f87c362a157a2f0fc541a7b1d67c222e3c (diff)
Linux Sandbox: Move setuid sandbox localization code.
Move the code that finds the setuid sandbox binary to the SetuidSandboxClient class. BUG=358733 R=mdempsky@chromium.org, piman@chromium.org Review URL: https://codereview.chromium.org/238153002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@263792 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/linux')
-rw-r--r--sandbox/linux/suid/client/setuid_sandbox_client.cc68
-rw-r--r--sandbox/linux/suid/client/setuid_sandbox_client.h14
-rw-r--r--sandbox/linux/suid/client/setuid_sandbox_client_unittest.cc8
3 files changed, 88 insertions, 2 deletions
diff --git a/sandbox/linux/suid/client/setuid_sandbox_client.cc b/sandbox/linux/suid/client/setuid_sandbox_client.cc
index 8ed1a97..8feec04 100644
--- a/sandbox/linux/suid/client/setuid_sandbox_client.cc
+++ b/sandbox/linux/suid/client/setuid_sandbox_client.cc
@@ -4,16 +4,21 @@
#include "sandbox/linux/suid/client/setuid_sandbox_client.h"
+#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
+#include "base/command_line.h"
#include "base/environment.h"
+#include "base/file_util.h"
+#include "base/files/file_path.h"
#include "base/logging.h"
#include "base/memory/scoped_ptr.h"
+#include "base/path_service.h"
#include "base/posix/eintr_wrapper.h"
+#include "base/process/process_metrics.h"
#include "base/strings/string_number_conversions.h"
-
#include "sandbox/linux/services/init_process_reaper.h"
#include "sandbox/linux/suid/common/sandbox.h"
#include "sandbox/linux/suid/common/suid_unsafe_environment_variables.h"
@@ -92,6 +97,10 @@ int GetIPCDescriptor(base::Environment* env) {
return EnvToInt(env, sandbox::kSandboxDescriptorEnvironmentVarName);
}
+const char* GetDevelSandboxPath() {
+ return getenv("CHROME_DEVEL_SANDBOX");
+}
+
} // namespace
namespace sandbox {
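Review bot: GetDevelSandboxPath() reads the variable with a raw getenv(), whereas the rest of this file goes through base::Environment (GetIPCDescriptor(base::Environment* env) directly above it, and env_ in SetupLaunchEnvironment), which presumably is what lets tests inject an environment; the new helper bypasses that. The neighbouring shape would be `bool GetDevelSandboxPath(base::Environment* env, std::string* path) { return env->GetVar("CHROME_DEVEL_SANDBOX", path); }`, with the two callers in SetuidSandboxClient passing env_; GetVar still distinguishes set-but-empty from unset, which IsDisabledViaEnvironment() relies on. If the raw C environment is wanted here on purpose (for instance to match what the setuid helper itself will see), a one-line comment saying so would save the next reader the question.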
@@ -177,6 +186,63 @@ bool SetuidSandboxClient::IsSandboxed() const {
return sandboxed_;
}
+// Check if CHROME_DEVEL_SANDBOX is set but empty. This currently disables
+// the setuid sandbox. TODO(jln): fix this (crbug.com/245376).
+bool SetuidSandboxClient::IsDisabledViaEnvironment() {
+ const char* devel_sandbox_path = GetDevelSandboxPath();
+ if (devel_sandbox_path && '\0' == *devel_sandbox_path) {
+ return true;
+ }
+ return false;
+}
+
+base::FilePath SetuidSandboxClient::GetSandboxBinaryPath() {
+ base::FilePath sandbox_binary;
+ base::FilePath exe_dir;
+ if (PathService::Get(base::DIR_EXE, &exe_dir)) {
+ base::FilePath sandbox_candidate = exe_dir.AppendASCII("chrome-sandbox");
+ if (base::PathExists(sandbox_candidate))
+ sandbox_binary = sandbox_candidate;
+ }
+
+ // In user-managed builds, including development builds, an environment
+ // variable is required to enable the sandbox. See
+ // http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment
+ struct stat st;
+ if (sandbox_binary.empty() && stat(base::kProcSelfExe, &st) == 0 &&
+ st.st_uid == getuid()) {
+ const char* devel_sandbox_path = GetDevelSandboxPath();
+ if (devel_sandbox_path) {
+ sandbox_binary = base::FilePath(devel_sandbox_path);
+ }
+ }
+
+ return sandbox_binary;
+}
+
+void SetuidSandboxClient::PrependWrapper(base::CommandLine* cmd_line) {
+ DCHECK(cmd_line);
+ std::string sandbox_binary(GetSandboxBinaryPath().value());
+ struct stat st;
+ if (sandbox_binary.empty() || stat(sandbox_binary.c_str(), &st) != 0) {
+ LOG(FATAL) << "The SUID sandbox helper binary is missing: "
+ << sandbox_binary << " Aborting now. See "
+ "https://code.google.com/p/chromium/wiki/"
+ "LinuxSUIDSandboxDevelopment.";
+ }
+
+ if (access(sandbox_binary.c_str(), X_OK) != 0 || (st.st_uid != 0) ||
+ ((st.st_mode & S_ISUID) == 0) || ((st.st_mode & S_IXOTH)) == 0) {
+ LOG(FATAL) << "The SUID sandbox helper binary was found, but is not "
+ "configured correctly. Rather than run without sandboxing "
+ "I'm aborting now. You need to make sure that "
+ << sandbox_binary << " is owned by root and has mode 4755.";
+
+ } else {
+ cmd_line->PrependWrapper(sandbox_binary);
+ }
+}
+
void SetuidSandboxClient::SetupLaunchEnvironment() {
SaveSUIDUnsafeEnvironmentVariables(env_);
SetSandboxAPIEnvironmentVariable(env_);
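Review bot: IsDisabledViaEnvironment() honors an empty CHROME_DEVEL_SANDBOX unconditionally, while GetSandboxBinaryPath() only trusts a non-empty value after checking that /proc/self/exe is owned by the calling user (the user-managed-build guard), so per the comment above it a set-but-empty variable disables the sandbox for a root-owned install as well. The TODO points at crbug.com/245376, so this is presumably known, but now that both paths live in one class the same guard could be applied to the disable path until that bug is resolved, as sketched below. Separately, the doubled parentheses in `((st.st_mode & S_IXOTH)) == 0` on the PrependWrapper check read like a typo; `(st.st_mode & S_IXOTH) == 0` matches the neighbouring terms. Also in PrependWrapper, `st` is read after a failed stat() only because LOG(FATAL) does not return; a static analyzer may not know that, so a `return;` after the first LOG(FATAL) would make the intent explicit.
```cpp
bool SetuidSandboxClient::IsDisabledViaEnvironment() {
  // Only honor an empty CHROME_DEVEL_SANDBOX in user-managed builds, the same
  // condition GetSandboxBinaryPath() applies before trusting a non-empty value.
  struct stat st;
  if (stat(base::kProcSelfExe, &st) != 0 || st.st_uid != getuid())
    return false;
  const char* devel_sandbox_path = GetDevelSandboxPath();
  return devel_sandbox_path && '\0' == *devel_sandbox_path;
}
```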
diff --git a/sandbox/linux/suid/client/setuid_sandbox_client.h b/sandbox/linux/suid/client/setuid_sandbox_client.h
index 0f6db7a..20a9905 100644
--- a/sandbox/linux/suid/client/setuid_sandbox_client.h
+++ b/sandbox/linux/suid/client/setuid_sandbox_client.h
@@ -7,9 +7,13 @@
#include "base/basictypes.h"
#include "base/callback_forward.h"
+#include "base/files/file_path.h"
#include "sandbox/linux/sandbox_export.h"
-namespace base { class Environment; }
+namespace base {
+class CommandLine;
+class Environment;
+}
namespace sandbox {
@@ -49,6 +53,14 @@ class SANDBOX_EXPORT SetuidSandboxClient {
// Are we done and fully sandboxed ?
bool IsSandboxed() const;
+ bool IsDisabledViaEnvironment();
+ // Get the sandbox binary path. This method knows about the
+ // CHROME_DEVEL_SANDBOX environment variable used for user-managed builds. If
+ // the sandbox binary cannot be found, it will return an empty FilePath.
+ base::FilePath GetSandboxBinaryPath();
+ // Modify |cmd_line| to launch via the setuid sandbox. Crash if the setuid
+ // sandbox binary cannot be found.
+ void PrependWrapper(base::CommandLine* cmd_line);
// Set-up the environment. This should be done prior to launching the setuid
// helper.
void SetupLaunchEnvironment();
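Review bot: IsDisabledViaEnvironment() is the only one of the three new declarations without a comment, and its name does not say which environment variable or which state it reacts to; the .cc comment could be carried over as `// Returns true if CHROME_DEVEL_SANDBOX is set but empty, which currently disables the setuid sandbox (crbug.com/245376).`. As far as the .cc hunk shows, neither IsDisabledViaEnvironment() nor GetSandboxBinaryPath() reads instance state, so both could be declared `const` like IsSandboxed() above them, which is backward-compatible for callers; confirm against the implementation if members are touched elsewhere.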
diff --git a/sandbox/linux/suid/client/setuid_sandbox_client_unittest.cc b/sandbox/linux/suid/client/setuid_sandbox_client_unittest.cc
index a2cc7e8..d4f7dfe 100644
--- a/sandbox/linux/suid/client/setuid_sandbox_client_unittest.cc
+++ b/sandbox/linux/suid/client/setuid_sandbox_client_unittest.cc
@@ -89,5 +89,13 @@ TEST(SetuidSandboxClient, SandboxedClientAPI) {
EXPECT_FALSE(sandbox_client->IsSandboxed());
}
+// This test doesn't accomplish much, but will make sure that analysis tools
+// will run this codepath.
+TEST(SetuidSandboxClient, GetSandboxBinaryPath) {
+ scoped_ptr<SetuidSandboxClient> setuid_sandbox_client(
+ SetuidSandboxClient::Create());
+ ignore_result(setuid_sandbox_client->GetSandboxBinaryPath());
+}
+
} // namespace sandbox