CrOS FilesApp: Comments and test to disallow sharing DriveFS .Trash with crostini

Bug: 878324 Change-Id: I2eaec453ff0555b6a77c8dd650a705f8be2d89bd Reviewed-on: https://chromium-review.googlesource.com/c/1300818Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Sam McNally <sammc@chromium.org> Commit-Queue: Joel Hockey <joelhockey@chromium.org> Cr-Commit-Position: refs/heads/master@{#603000}

CrOS FilesApp: Comments and test to disallow sharing DriveFS .Trash with crostini
Bug: 878324 Change-Id: I2eaec453ff0555b6a77c8dd650a705f8be2d89bd Reviewed-on: https://chromium-review.googlesource.com/c/1300818Reviewed-by: Timothy Loh <timloh@chromium.org> Reviewed-by: Sam McNally <sammc@chromium.org> Commit-Queue: Joel Hockey <joelhockey@chromium.org> Cr-Commit-Position: refs/heads/master@{#603000}
abe18aa1 · Joel Hockey · Commit Bot · a0a13d82 · abe18aa1 · abe18aa1
Commit abe18aa1 authored Oct 26, 2018 by Joel Hockey Committed by Commit Bot Oct 26, 2018
2 changed files
--- a/chrome/browser/chromeos/crostini/crostini_share_path.cc
+++ b/chrome/browser/chromeos/crostini/crostini_share_path.cc
@@ -75,11 +75,12 @@ void CallSeneschalSharePath(
             base::FilePath("/media/fuse")
                 .AppendRelativePath(drivefs_mount_point_path,
                                     &drivefs_mount_name)) {
-    // Allow subdirs of DriveFS.
+    // Allow subdirs of DriveFS except .Trash.
    request.set_drivefs_mount_name(drivefs_mount_name.value());
    base::FilePath root("root");
    base::FilePath team_drives("team_drives");
    base::FilePath computers("Computers");
+    base::FilePath trash(".Trash");  // Not to be shared!
    if (root == drivefs_path ||
        root.AppendRelativePath(drivefs_path, &relative_path)) {
      // My Drive and subdirs.
@@ -98,6 +99,11 @@ void CallSeneschalSharePath(
      allowed_path = true;
      request.set_storage_location(
          vm_tools::seneschal::SharePathRequest::DRIVEFS_COMPUTERS);
+    } else if (trash == drivefs_path || trash.IsParent(drivefs_path)) {
+      // Note: Do not expose .Trash which would allow linux apps to make
+      // permanent deletes from Drive.  This branch is not especially required,
+      // but is included to make it explicit that .Trash should not be shared.
+      allowed_path = false;
    }
  } else if (base::FilePath("/media/removable")
                 .AppendRelativePath(path, &relative_path)) {

--- a/chrome/browser/chromeos/crostini/crostini_share_path_unittest.cc
+++ b/chrome/browser/chromeos/crostini/crostini_share_path_unittest.cc
@@ -271,6 +271,16 @@ TEST_F(CrostiniSharePathTest, SuccessDriveFsComputers) {
  run_loop()->Run();
 }

+TEST_F(CrostiniSharePathTest, FailDriveFsTrash) {
+  SharePath(
+      profile(), "vm-running", drivefs_.Append(".Trash").Append("in-the-trash"),
+      false,
+      base::BindOnce(&CrostiniSharePathTest::SharePathCallback,
+                     base::Unretained(this), false, false, nullptr, "", false,
+                     "Path is not allowed", run_loop()->QuitClosure()));
+  run_loop()->Run();
+}
+
 TEST_F(CrostiniSharePathTest, SuccessRemovable) {
  SharePath(profile(), "vm-running", base::FilePath("/media/removable/MyUSB"),
            false,