Commit f236deb7 authored by Micah Morton's avatar Micah Morton Committed by Commit Bot

Mount filesystems with 'nosymfollow' flag if enabled

This change causes the cros-disks mount operation to be called with the
'nosymfollow' mount option if the FsNosymfollow Chrome flag is enabled.

R=stevenjb@chromium.org

Bug: 867807
Change-Id: I394a8c536b77146a0f2fe15c5fafda985f9a44a4
Reviewed-on: https://chromium-review.googlesource.com/c/1344933Reviewed-by: default avatarToni Baržić <tbarzic@chromium.org>
Reviewed-by: default avatarSteven Bennetts <stevenjb@chromium.org>
Commit-Queue: Micah Morton <mortonm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#610913}
parent 3953a3f0
......@@ -4346,7 +4346,7 @@ const FeatureEntry kFeatureEntries[] = {
FEATURE_VALUE_TYPE(features::kShillSandboxing)},
{"enable-fs-nosymfollow", flag_descriptions::kFsNosymfollowName,
flag_descriptions::kFsNosymfollowDescription, kOsCrOS,
FEATURE_VALUE_TYPE(features::kFsNosymfollow)},
FEATURE_VALUE_TYPE(chromeos::features::kFsNosymfollow)},
{"enable-arc-unified-audio-focus",
flag_descriptions::kEnableArcUnifiedAudioFocusName,
flag_descriptions::kEnableArcUnifiedAudioFocusDescription, kOsCrOS,
......
......@@ -49,14 +49,6 @@ void ChromeFeaturesServiceProvider::Start(
weak_ptr_factory_.GetWeakPtr()),
base::BindRepeating(&ChromeFeaturesServiceProvider::OnExported,
weak_ptr_factory_.GetWeakPtr()));
exported_object->ExportMethod(
kChromeFeaturesServiceInterface,
kChromeFeaturesServiceIsFsNosymfollowEnabledMethod,
base::BindRepeating(
&ChromeFeaturesServiceProvider::IsFsNosymfollowEnabled,
weak_ptr_factory_.GetWeakPtr()),
base::BindRepeating(&ChromeFeaturesServiceProvider::OnExported,
weak_ptr_factory_.GetWeakPtr()));
}
void ChromeFeaturesServiceProvider::OnExported(
......@@ -115,14 +107,4 @@ void ChromeFeaturesServiceProvider::IsShillSandboxingEnabled(
response_sender.Run(std::move(response));
}
void ChromeFeaturesServiceProvider::IsFsNosymfollowEnabled(
dbus::MethodCall* method_call,
dbus::ExportedObject::ResponseSender response_sender) {
std::unique_ptr<dbus::Response> response =
dbus::Response::FromMethodCall(method_call);
dbus::MessageWriter writer(response.get());
writer.AppendBool(base::FeatureList::IsEnabled(features::kFsNosymfollow));
response_sender.Run(std::move(response));
}
} // namespace chromeos
......@@ -51,9 +51,6 @@ class ChromeFeaturesServiceProvider
void IsShillSandboxingEnabled(
dbus::MethodCall* method_call,
dbus::ExportedObject::ResponseSender response_sender);
void IsFsNosymfollowEnabled(
dbus::MethodCall* method_call,
dbus::ExportedObject::ResponseSender response_sender);
// Keep this last so that all weak pointers will be invalidated at the
// beginning of destruction.
......
......@@ -652,9 +652,6 @@ const base::Feature kUsbguard{"USBGuard", base::FEATURE_DISABLED_BY_DEFAULT};
const base::Feature kShillSandboxing{"ShillSandboxing",
base::FEATURE_ENABLED_BY_DEFAULT};
// Enable restriction of symlink traversal on user-supplied filesystems.
const base::Feature kFsNosymfollow{"FsNosymfollow",
base::FEATURE_DISABLED_BY_DEFAULT};
#endif // defined(OS_CHROMEOS)
// Enable showing a tab-modal dialog while a Web Authentication API request is
......
......@@ -434,8 +434,6 @@ extern const base::Feature kMachineLearningService;
COMPONENT_EXPORT(CHROME_FEATURES) extern const base::Feature kUsbguard;
COMPONENT_EXPORT(CHROME_FEATURES) extern const base::Feature kShillSandboxing;
COMPONENT_EXPORT(CHROME_FEATURES) extern const base::Feature kFsNosymfollow;
#endif // defined(OS_CHROMEOS)
COMPONENT_EXPORT(CHROME_FEATURES)
......
......@@ -55,6 +55,10 @@ const base::Feature kEnableUnifiedMultiDeviceSettings{
const base::Feature kEnableUnifiedMultiDeviceSetup{
"EnableUnifiedMultiDeviceSetup", base::FEATURE_ENABLED_BY_DEFAULT};
// Enable restriction of symlink traversal on user-supplied filesystems.
const base::Feature kFsNosymfollow{"FsNosymfollow",
base::FEATURE_DISABLED_BY_DEFAULT};
// TODO(https://crbug.com/837156): Add this feature to chrome://flags.
// If enabled, allows the qualified IME extension to connect to IME service.
const base::Feature kImeServiceConnectable{"ImeServiceConnectable",
......
......@@ -26,6 +26,7 @@ CHROMEOS_EXPORT extern const base::Feature kDriveFs;
CHROMEOS_EXPORT extern const base::Feature kMyFilesVolume;
CHROMEOS_EXPORT extern const base::Feature kEnableUnifiedMultiDeviceSettings;
CHROMEOS_EXPORT extern const base::Feature kEnableUnifiedMultiDeviceSetup;
CHROMEOS_EXPORT extern const base::Feature kFsNosymfollow;
CHROMEOS_EXPORT extern const base::Feature kImeServiceConnectable;
CHROMEOS_EXPORT extern const base::Feature kInstantTethering;
CHROMEOS_EXPORT extern const base::Feature kMultiDeviceApi;
......
......@@ -25,6 +25,7 @@
#include "base/task_runner_util.h"
#include "base/time/time.h"
#include "base/values.h"
#include "chromeos/chromeos_features.h"
#include "chromeos/dbus/fake_cros_disks_client.h"
#include "dbus/bus.h"
#include "dbus/message.h"
......@@ -170,6 +171,8 @@ class CrosDisksClientImpl : public CrosDisksClient {
writer.AppendString(source_format);
std::vector<std::string> options =
ComposeMountOptions(mount_options, mount_label, access_mode, remount);
if (base::FeatureList::IsEnabled(chromeos::features::kFsNosymfollow))
options.push_back("nosymfollow");
writer.AppendArrayOfStrings(options);
proxy_->CallMethod(&method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
base::BindOnce(&CrosDisksClientImpl::OnMount,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment