commit | f04a75acce94425f92dc9d517f92abfabccf1665 | [log] [tgz] |
---|---|---|
author | Devlin Cronin <rdevlin.cronin@chromium.org> | Wed May 16 18:34:21 2018 |
committer | Commit Bot <commit-bot@chromium.org> | Wed May 16 18:34:21 2018 |
tree | 917d3e8b9a23bb5b80ef6998af6158ead1a35416 | |
parent | e5495df1a9e81b3f87bd652929d71feb379a7a8d [diff] |
[Extensions] Properly classify privilege increase for swapping permissions Correct a bug where an extension would be improperly disabled for a privilege increase when it went from a more powerful permission to a less powerful one, if the permission messages were different. Previously, privilege escalation code would look check if there were any warning strings in the new set of permissions that were not in the old set. This failed, because a new warning (not contained in the previous set) might be less powerful. Instead, compare whether *adding* the new permissions to the already-granted permissions results in any new (or different) warnings. Consider it a permissions increase only if there is a difference. Conceptually, this is more accurate, since when an extension is updated, new permissions are added to the list of granted permissions (and any already-granted permissions are not revoked). Update the IsPrivilegeIncrease() arguments to make this slightly more clear by replacing "old_permissions" and "new_permissions" with "granted_permissions" and "requested_permissions", respectively. Add a regression test for the same. TBR=slan@chromium.org Bug: 841938 Change-Id: I41542c6813c1f4a2f0318609bd75b838eef00cb5 Reviewed-on: https://chromium-review.googlesource.com/1054607 Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Stephen Lanham <slan@chromium.org> Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Reviewed-by: Marc Treib <treib@chromium.org> Cr-Commit-Position: refs/heads/master@{#559201}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .