[go: nahoru, domu]
Google Git
Sign in
chromium / chromium / src / 8ec3fbec285daa194f6397b998b4c4bc0c1b2a37^! / . / ipc / ipc_channel.h
commit8ec3fbec285daa194f6397b998b4c4bc0c1b2a37[log] [tgz]
authorwez@chromium.org <wez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>Wed Apr 06 12:01:44 2011
committerwez@chromium.org <wez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>Wed Apr 06 12:01:44 2011
tree8e0d6acc844cf4780ae36435f56bbef69d35c043
parentffc44870db7ad9b179b27644c497e813221888e0 [diff] [blame]
Revert 80604 - Revert 80602 - Limit access to named IPC channels with SO_PEERCRED, not file permissions.BUG=TEST=Run Chrome & configure a service, to get the service process to start.  Close Chrome and run a copy as a different user, but from the same user-data-dir.  New Chrome should not be able to communicate with the service process.Review URL: http://codereview.chromium.org/6631002TBR=wez@chromium.orgReview URL: http://codereview.chromium.org/6806006
TBR=wez@chromium.org
Review URL: http://codereview.chromium.org/6806007

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80606 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/ipc/ipc_channel.h b/ipc/ipc_channel.h
index 91d9f2b2..1550d49 100644
--- a/ipc/ipc_channel.h
+++ b/ipc/ipc_channel.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -67,7 +67,10 @@
     MODE_NO_FLAG = 0x0,
     MODE_SERVER_FLAG = 0x1,
     MODE_CLIENT_FLAG = 0x2,
-    MODE_NAMED_FLAG = 0x4
+    MODE_NAMED_FLAG = 0x4,
+#if defined(OS_POSIX)
+    MODE_OPEN_ACCESS_FLAG = 0x8, // Don't restrict access based on client UID.
+#endif
   };
 
   // Some Standard Modes
@@ -82,6 +85,13 @@
     // MODE_NAMED_CLIENT is equivalent to MODE_CLIENT.
     MODE_NAMED_SERVER = MODE_SERVER_FLAG | MODE_NAMED_FLAG,
     MODE_NAMED_CLIENT = MODE_CLIENT_FLAG | MODE_NAMED_FLAG,
+#if defined(OS_POSIX)
+    // An "open" named server accepts connections from ANY client.
+    // The caller must then implement their own access-control based on the
+    // client process' user Id.
+    MODE_OPEN_NAMED_SERVER = MODE_OPEN_ACCESS_FLAG | MODE_SERVER_FLAG |
+                             MODE_NAMED_FLAG
+#endif
   };
 
   enum {
@@ -152,10 +162,14 @@
   // currently connected.
   bool HasAcceptedConnection() const;
 
+  // Returns true if the peer process' effective user id can be determined, in
+  // which case the supplied client_euid is updated with it.
+  bool GetClientEuid(uid_t* client_euid) const;
+
   // Closes any currently connected socket, and returns to a listening state
   // for more connections.
   void ResetToAcceptingConnectionState();
-#endif  // defined(OS_POSIX)
+#endif  // defined(OS_POSIX) && !defined(OS_NACL)
 
  protected:
   // Used in Chrome by the TestSink to provide a dummy channel implementation