Mac: block ability to stat arbitrary files in the Sandbox.
This change removes the ability to stat any file on disk and instead only allows stating files to which we have read access.
The complication with removing the ability to stat an arbitrary path is that without extra work you get into a situation where you can stat a leaf directory, but not it's parent. e.g. stat("/foo/bar") succeeds while stat("/foo") fails with errno == EPERM.
The only place we currently run into this is the utility process where the file system is off limits except for one directory.
This causes problems in 2 places:
1) DirectoryExists() works it's way from / down to the leaf directory stating each directory as it goes.
2) The extension installation code calls realpath() which fails if it can't stat parent directories.
The fix for the above is to explictly allow stating parent directories. We achieve this in the sandbox code by adding a function which generates the appropriate sandbox syntax.
This CL also contains unit tests for the above functionality and re-enables it [bug 56765, the underlying issue appears to be unrelated to the test and previously fixed].
BUG=42989, 56765
TEST=Chrome should continue to render web pages correctly, installing extensions and themes should continue to work on OS X.
Review URL: http://codereview.chromium.org/4044002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63884 0039d316-1c4b-4281-b951-d872f2087c98
5 files changed
