Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / sandbox / linux / suid / client / setuid_sandbox_client_unittest.cc
blob2acd8fb5fca26d108aa5c06300863f9566090595
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/linux/suid/client/setuid_sandbox_client.h"
7 #include "base/environment.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "base/strings/string_number_conversions.h"
10 #include "sandbox/linux/suid/common/sandbox.h"
11 #include "testing/gtest/include/gtest/gtest.h"
13 namespace sandbox {
15 TEST(SetuidSandboxClient, SandboxedClientAPI) {
16 scoped_ptr<base::Environment> env(base::Environment::Create());
17 EXPECT_TRUE(env != NULL);
19 scoped_ptr<SetuidSandboxClient>
20 sandbox_client(SetuidSandboxClient::Create());
21 EXPECT_TRUE(sandbox_client != NULL);
23 // Set-up a fake environment as if we went through the setuid sandbox.
24 EXPECT_TRUE(env->SetVar(kSandboxEnvironmentApiProvides,
25 base::IntToString(kSUIDSandboxApiNumber)));
26 EXPECT_TRUE(env->SetVar(kSandboxDescriptorEnvironmentVarName, "1"));
27 EXPECT_TRUE(env->SetVar(kSandboxPIDNSEnvironmentVarName, "1"));
28 EXPECT_TRUE(env->UnSetVar(kSandboxNETNSEnvironmentVarName));
30 // Check the API.
31 EXPECT_TRUE(sandbox_client->IsSuidSandboxUpToDate());
32 EXPECT_TRUE(sandbox_client->IsSuidSandboxChild());
33 EXPECT_TRUE(sandbox_client->IsInNewPIDNamespace());
34 EXPECT_FALSE(sandbox_client->IsInNewNETNamespace());
36 // Forge an incorrect API version and check.
37 EXPECT_TRUE(env->SetVar(kSandboxEnvironmentApiProvides,
38 base::IntToString(kSUIDSandboxApiNumber + 1)));
39 EXPECT_FALSE(sandbox_client->IsSuidSandboxUpToDate());
40 // We didn't go through the actual sandboxing mechanism as it is
41 // very hard in a unit test.
42 EXPECT_FALSE(sandbox_client->IsSandboxed());
45 } // namespace sandbox