[fuchsia] Fix read-write directory routes from WebInstanceHost

WebInstanceHost dynamically offers subdirectories of its own
`web_instances` directory capability to its child instances. While some
of these are read-only directories (e.g., `command-line-config`, the
directory holding the file `argv.json`), others are read-write (e.g.,
`cdm_data`, the directory to hold CDM data). WebInstanceHost's
`web_instances` directory, as the source of these subdirectories, must
have the most permissive rights of all offers from it.

Bug: b/265254244, 1280703
Change-Id: I37bb423386a43333a8db38d9557b8a1cbe69e0c8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4176852
Auto-Submit: Greg Thompson <grt@chromium.org>
Reviewed-by: Wez <wez@chromium.org>
Commit-Queue: Wez <wez@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1093826}

This commit is contained in:

Greg Thompson

2023-01-18 13:18:29 +00:00

committed by

Chromium LUCI CQ

parent 0764fa41a2

commit b67bc8dbfd

1 changed files with 1 additions and 1 deletions

2

fuchsia_web/webinstance_host/web_instance_host.shard.cml

@@ -13,7 +13,7 @@
   capabilities: [
     {
       directory: "web_instances",
       rights: [ "r*" ],
       rights: [ "rw*" ],
       path: "/web_instances",
     },
   ],

[fuchsia] Fix read-write directory routes from WebInstanceHost

2 fuchsia_web/webinstance_host/web_instance_host.shard.cml

2

fuchsia_web/webinstance_host/web_instance_host.shard.cml