Set mobileconfig to dangerous on Mac

.mobileconfig files gives powerful controls over both system settings and Chrome settings on MacOS, with a fairly straightforward installation process. So mark them as dangerous for the platform. Bug: 931775 Change-Id: I05bbecf0ffafd8d13ae25c472fb2fa47e5deb7ef Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1509134 Auto-Submit: Daniel Rubery <drubery@chromium.org> Reviewed-by: Varun Khaneja <vakh@chromium.org> Commit-Queue: Varun Khaneja <vakh@chromium.org> Cr-Commit-Position: refs/heads/master@{#638832}
qweri0p · Mar 8, 2019 · 14327ea · 14327ea
1 parent a8778e8
commit 14327ea
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 38 deletions.
diff --git a/chrome/browser/resources/safe_browsing/download_file_types.asciipb b/chrome/browser/resources/safe_browsing/download_file_types.asciipb
@@ -8,7 +8,7 @@
 ##
 ## Top level settings
 ##
-version_id: 31
+version_id: 32
 sampled_ping_probability: 0.01
 max_archived_binaries_to_report: 10
 default_file_type {
@@ -2825,6 +2825,16 @@ file_types {
   }
   inspection_type: DMG
 }
+file_types {
+  extension: "mobileconfig"
+  uma_value: 356
+  ping_setting: FULL_PING
+  platform_settings {
+    platform: PLATFORM_MAC
+    danger_level: ALLOW_ON_USER_GESTURE
+    auto_open_hint: DISALLOW_AUTO_OPEN
+  }
+}
 file_types {
   extension: "ndif"
   uma_value: 258

diff --git a/components/download/internal/common/download_stats.cc b/components/download/internal/common/download_stats.cc
@@ -401,43 +401,44 @@ constexpr const base::FilePath::CharType* kDangerousFileTypes[] = {
     FILE_PATH_LITERAL(".settingcontent-ms"),
     FILE_PATH_LITERAL(".oxt"),  // 317
     FILE_PATH_LITERAL(".pyd"),
-    FILE_PATH_LITERAL(".pyo"),      // 319
-    FILE_PATH_LITERAL(".desktop"),  // 320
-    FILE_PATH_LITERAL(".cpi"),      // 321
-    FILE_PATH_LITERAL(".jpg"),      // 322
-    FILE_PATH_LITERAL(".jpeg"),     // 323
-    FILE_PATH_LITERAL(".mp3"),      // 324
-    FILE_PATH_LITERAL(".mp4"),      // 325
-    FILE_PATH_LITERAL(".png"),      // 326
-    FILE_PATH_LITERAL(".xls"),      // 327
-    FILE_PATH_LITERAL(".doc"),      // 328
-    FILE_PATH_LITERAL(".pptx"),     // 329
-    FILE_PATH_LITERAL(".csv"),      // 330
-    FILE_PATH_LITERAL(".ica"),      // 331
-    FILE_PATH_LITERAL(".ppt"),      // 332
-    FILE_PATH_LITERAL(".gif"),      // 333
-    FILE_PATH_LITERAL(".txt"),      // 334
-    FILE_PATH_LITERAL(".package"),  // 335
-    FILE_PATH_LITERAL(".tif"),      // 336
-    FILE_PATH_LITERAL(".rtf"),      // 337
-    FILE_PATH_LITERAL(".webp"),     // 338
-    FILE_PATH_LITERAL(".mkv"),      // 339
-    FILE_PATH_LITERAL(".wav"),      // 340
-    FILE_PATH_LITERAL(".mov"),      // 341
-    FILE_PATH_LITERAL(".dot"),      // 342
-    FILE_PATH_LITERAL(".dotx"),     // 343
-    FILE_PATH_LITERAL(".xlsb"),     // 344
-    FILE_PATH_LITERAL(".xlt"),      // 345
-    FILE_PATH_LITERAL(".xlm"),      // 346
-    FILE_PATH_LITERAL(".xldm"),     // 347
-    FILE_PATH_LITERAL(".xla"),      // 348
-    FILE_PATH_LITERAL(".xlam"),     // 349
-    FILE_PATH_LITERAL(".xll"),      // 350
-    FILE_PATH_LITERAL(".xlw"),      // 351
-    FILE_PATH_LITERAL(".pot"),      // 352
-    FILE_PATH_LITERAL(".potm"),     // 353
-    FILE_PATH_LITERAL(".ppsm"),     // 354
-    FILE_PATH_LITERAL(".pps"),      // 355
+    FILE_PATH_LITERAL(".pyo"),           // 319
+    FILE_PATH_LITERAL(".desktop"),       // 320
+    FILE_PATH_LITERAL(".cpi"),           // 321
+    FILE_PATH_LITERAL(".jpg"),           // 322
+    FILE_PATH_LITERAL(".jpeg"),          // 323
+    FILE_PATH_LITERAL(".mp3"),           // 324
+    FILE_PATH_LITERAL(".mp4"),           // 325
+    FILE_PATH_LITERAL(".png"),           // 326
+    FILE_PATH_LITERAL(".xls"),           // 327
+    FILE_PATH_LITERAL(".doc"),           // 328
+    FILE_PATH_LITERAL(".pptx"),          // 329
+    FILE_PATH_LITERAL(".csv"),           // 330
+    FILE_PATH_LITERAL(".ica"),           // 331
+    FILE_PATH_LITERAL(".ppt"),           // 332
+    FILE_PATH_LITERAL(".gif"),           // 333
+    FILE_PATH_LITERAL(".txt"),           // 334
+    FILE_PATH_LITERAL(".package"),       // 335
+    FILE_PATH_LITERAL(".tif"),           // 336
+    FILE_PATH_LITERAL(".rtf"),           // 337
+    FILE_PATH_LITERAL(".webp"),          // 338
+    FILE_PATH_LITERAL(".mkv"),           // 339
+    FILE_PATH_LITERAL(".wav"),           // 340
+    FILE_PATH_LITERAL(".mov"),           // 341
+    FILE_PATH_LITERAL(".dot"),           // 342
+    FILE_PATH_LITERAL(".dotx"),          // 343
+    FILE_PATH_LITERAL(".xlsb"),          // 344
+    FILE_PATH_LITERAL(".xlt"),           // 345
+    FILE_PATH_LITERAL(".xlm"),           // 346
+    FILE_PATH_LITERAL(".xldm"),          // 347
+    FILE_PATH_LITERAL(".xla"),           // 348
+    FILE_PATH_LITERAL(".xlam"),          // 349
+    FILE_PATH_LITERAL(".xll"),           // 350
+    FILE_PATH_LITERAL(".xlw"),           // 351
+    FILE_PATH_LITERAL(".pot"),           // 352
+    FILE_PATH_LITERAL(".potm"),          // 353
+    FILE_PATH_LITERAL(".ppsm"),          // 354
+    FILE_PATH_LITERAL(".pps"),           // 355
+    FILE_PATH_LITERAL(".mobileconfig"),  // 356
     // NOTE! When you add a type here, please add the UMA value as a comment.
     // These must all match DownloadItem.DangerousFileType in
     // enums.xml. From 263 onward, they should also match

diff --git a/tools/metrics/histograms/enums.xml b/tools/metrics/histograms/enums.xml
@@ -13141,6 +13141,7 @@ Called by update_net_error_codes.py.-->
   <int value="353" label="potm"/>
   <int value="354" label="ppsm"/>
   <int value="355" label="pps"/>
+  <int value="356" label="mobileconfig"/>
 </enum>
 
 <enum name="DownloadItem.DangerType">
@@ -47880,6 +47881,7 @@ Called by update_net_trust_anchors.py.-->
   <int value="353" label="POTM"/>
   <int value="354" label="PPSM"/>
   <int value="355" label="PPS"/>
+  <int value="356" label="MOBILECONFIG"/>
 </enum>
 
 <enum name="SBClientDownloadIsSignedBinary">