TestBrokerPolicy.cpp (3781B)
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */ 3 /* This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this file, 5 * You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 #include "gtest/gtest.h" 8 9 #include "broker/SandboxBroker.h" 10 11 namespace mozilla { 12 13 static const int MAY_ACCESS = SandboxBroker::MAY_ACCESS; 14 static const int MAY_READ = SandboxBroker::MAY_READ; 15 static const int MAY_WRITE = SandboxBroker::MAY_WRITE; 16 // static const int MAY_CREATE = SandboxBroker::MAY_CREATE; 17 // static const int RECURSIVE = SandboxBroker::RECURSIVE; 18 static const auto AddAlways = SandboxBroker::Policy::AddAlways; 19 20 TEST(SandboxBrokerPolicyLookup, Simple) 21 { 22 SandboxBroker::Policy p; 23 p.AddPath(MAY_READ, "/dev/urandom", AddAlways); 24 25 EXPECT_NE(0, p.Lookup("/dev/urandom")) << "Added path not found."; 26 EXPECT_EQ(MAY_ACCESS | MAY_READ, p.Lookup("/dev/urandom")) 27 << "Added path found with wrong perms."; 28 EXPECT_EQ(0, p.Lookup("/etc/passwd")) << "Non-added path was found."; 29 } 30 31 TEST(SandboxBrokerPolicyLookup, CopyCtor) 32 { 33 SandboxBroker::Policy psrc; 34 psrc.AddPath(MAY_READ | MAY_WRITE, "/dev/null", AddAlways); 35 SandboxBroker::Policy pdst(psrc); 36 psrc.AddPath(MAY_READ, "/dev/zero", AddAlways); 37 pdst.AddPath(MAY_READ, "/dev/urandom", AddAlways); 38 39 EXPECT_EQ(MAY_ACCESS | MAY_READ | MAY_WRITE, psrc.Lookup("/dev/null")) 40 << "Common path absent in copy source."; 41 EXPECT_EQ(MAY_ACCESS | MAY_READ | MAY_WRITE, pdst.Lookup("/dev/null")) 42 << "Common path absent in copy destination."; 43 44 EXPECT_EQ(MAY_ACCESS | MAY_READ, psrc.Lookup("/dev/zero")) 45 << "Source-only path is absent."; 46 EXPECT_EQ(0, pdst.Lookup("/dev/zero")) 47 << "Source-only path is present in copy destination."; 48 49 EXPECT_EQ(0, psrc.Lookup("/dev/urandom")) 50 << "Destination-only path is present in copy source."; 51 EXPECT_EQ(MAY_ACCESS | MAY_READ, pdst.Lookup("/dev/urandom")) 52 << "Destination-only path is absent."; 53 54 EXPECT_EQ(0, psrc.Lookup("/etc/passwd")) 55 << "Non-added path is present in copy source."; 56 EXPECT_EQ(0, pdst.Lookup("/etc/passwd")) 57 << "Non-added path is present in copy source."; 58 } 59 60 TEST(SandboxBrokerPolicyLookup, Recursive) 61 { 62 SandboxBroker::Policy psrc; 63 psrc.AddPath(MAY_READ | MAY_WRITE, "/dev/null", AddAlways); 64 psrc.AddPath(MAY_READ, "/dev/zero", AddAlways); 65 psrc.AddPath(MAY_READ, "/dev/urandom", AddAlways); 66 67 EXPECT_EQ(MAY_ACCESS | MAY_READ | MAY_WRITE, psrc.Lookup("/dev/null")) 68 << "Basic path is present."; 69 EXPECT_EQ(MAY_ACCESS | MAY_READ, psrc.Lookup("/dev/zero")) 70 << "Basic path has no extra flags"; 71 72 psrc.AddTree(MAY_READ | MAY_WRITE, "/dev/"); 73 74 EXPECT_EQ(MAY_ACCESS | MAY_READ | MAY_WRITE, psrc.Lookup("/dev/random")) 75 << "Permission via recursive dir."; 76 EXPECT_EQ(MAY_ACCESS | MAY_READ | MAY_WRITE, psrc.Lookup("/dev/sd/0")) 77 << "Permission via recursive dir, nested deeper"; 78 EXPECT_EQ(0, psrc.Lookup("/dev/sd/0/")) << "Invalid path format."; 79 EXPECT_EQ(0, psrc.Lookup("/usr/dev/sd")) << "Match must be a prefix."; 80 81 psrc.AddTree(MAY_READ, "/dev/sd/"); 82 EXPECT_EQ(MAY_ACCESS | MAY_READ | MAY_WRITE, psrc.Lookup("/dev/sd/0")) 83 << "Extra permissions from parent path granted."; 84 EXPECT_EQ(0, psrc.Lookup("/dev/..")) << "Refuse attempted subdir escape."; 85 86 psrc.AddTree(MAY_READ, "/tmp"); 87 EXPECT_EQ(MAY_ACCESS | MAY_READ, psrc.Lookup("/tmp/good/a")) 88 << "Check whether dir add with no trailing / was sucessful."; 89 EXPECT_EQ(0, psrc.Lookup("/tmp_good_but_bad")) 90 << "Enforce terminator on directories."; 91 EXPECT_EQ(0, psrc.Lookup("/tmp/.")) 92 << "Do not allow opening a directory handle."; 93 } 94 95 } // namespace mozilla