Commit 6fa69be6 authored by Daseul Lee, committed by Chromium LUCI CQ

[FSA] Check the blocklist when getting a file handle with symbolic link.

When getting a file handle from a directory handle via `GetFile()` or `GetEntries()`, the file handle may be a symlink file that could potentially point to a blocklisted path, if the said file is created after a permission is granted to the parent directory. While this cannot happen via the web API and can only be done on a local machine directly, additional checks against the symlink destination can help reduce security risks. Currently, this check is done on non-Windows only, as we are lacking a Windows file util for reading a symlink path.

In addition, this change also updates the way FileSystemAccessDirectoryEntriesListener is passed; instead of a raw pointer, a refcounted pointer is used, wrapped by a struct that supports `base::RefCountedDeleteOnSequence` for deleting it on the right sequence.

Bug: 1378484
Change-Id: I28ebd38b11665b9c93b829a3bfbea5b208991222
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4005144
Reviewed-by: Austin Sullivan <asully@chromium.org>
Reviewed-by: Marijn Kruisselbrink <mek@chromium.org>
Commit-Queue: Daseul Lee <dslee@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1072312}
parent 949693fb
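
The kind of check the commit message describes, as an added sketch that is not Chromium's code: every name here (`IsEntryAllowed`, `IsSameOrDescendant`, `RunDemo`, the `granted/` and `secret/` directories) is hypothetical, and `std::filesystem` on a POSIX system stands in for Chromium's own file utilities. It resolves an entry found inside a granted directory and rejects it when the symlink destination falls under a blocklisted path or cannot be resolved.

```cpp
#include <algorithm>
#include <filesystem>
#include <fstream>
#include <vector>
namespace fs = std::filesystem;

// True if `path` equals `root` or lies beneath it (component-wise compare,
// so "/a/secret2" is not treated as being under "/a/secret").
bool IsSameOrDescendant(const fs::path& root, const fs::path& path) {
  return std::mismatch(root.begin(), root.end(), path.begin(), path.end())
             .first == root.end();
}

// Hypothetical check: follow every symlink in `entry` and refuse the entry if
// its final target is blocklisted or cannot be resolved at all.
bool IsEntryAllowed(const fs::path& entry,
                    const std::vector<fs::path>& blocklist) {
  std::error_code ec;
  const fs::path resolved = fs::canonical(entry, ec);
  if (ec) return false;  // dangling link or symlink loop: fail closed
  for (const fs::path& blocked : blocklist) {
    // Canonicalize the blocklist entry too, in case its parents are symlinks.
    const fs::path blocked_real = fs::weakly_canonical(blocked, ec);
    if (ec || IsSameOrDescendant(blocked_real, resolved)) return false;
  }
  return true;
}

struct DemoResult { bool regular_ok, link_ok, dangling_ok; };

// Constructed scenario: `granted/` is the directory the user shared, `secret/`
// stands in for a blocklisted path, and symlinks are added to `granted/` later.
DemoResult RunDemo() {
  const fs::path base = fs::temp_directory_path() / "fsa_symlink_demo";
  fs::remove_all(base);
  fs::create_directories(base / "granted");
  fs::create_directories(base / "secret");
  std::ofstream(base / "granted" / "notes.txt") << "ok";
  std::ofstream(base / "secret" / "key.pem") << "constructed";
  fs::create_symlink(base / "secret" / "key.pem", base / "granted" / "link.txt");
  fs::create_symlink(base / "missing", base / "granted" / "dangling");
  const std::vector<fs::path> blocklist = {base / "secret"};
  const DemoResult r{IsEntryAllowed(base / "granted" / "notes.txt", blocklist),
                     IsEntryAllowed(base / "granted" / "link.txt", blocklist),
                     IsEntryAllowed(base / "granted" / "dangling", blocklist)};
  fs::remove_all(base);
  return r;
}

int main() { DemoResult r = RunDemo(); return (r.regular_ok && !r.link_ok) ? 0 : 1; }
```

A check like this is still subject to a race if the link is swapped between resolution and open, so it reduces risk rather than eliminating it.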