Brave reading /etc/chromium/policies #19052

Closed
rillian opened this issue Oct 27, 2021 · 4 comments · Fixed by brave/brave-core#10777

rillian commented Oct 27, 2021

Description

On Fedora Linux systems, Brave loads policy settings from /etc/chromium/policies/managed, which is populated by the fedora-chromium-config package, installed by default on Fedora Workstation targets to support the project's gssapi sign-on system.

This results in a 'Your browser is managed by your organization' warning at the top of the settings page, which may be alarming for private users.

Steps to Reproduce

  1. Install Fedora Workstation 35 (Linux distro) on a VM
  2. Add brave-browser-beta package feed
  3. sudo dnf install brave-browser-beta
  4. Launch brave, visit the settings page

Actual result:

"Your browser is managed by your organization" appears at the top of brave://settings.

Expected result:

Since this makes tracking easier, I would expect brave to not load this chrome/chromium-specific configuration data.

Reproduces how often:

Only tried on my current laptop, which is a pretty recent install. Removing the fedora-chromium-config package also removes the warning from within brave.

Brave version (brave://version info)

Brave 1.32.76 Chromium: 95.0.4638.54 (Official Build) beta (64-bit)
Revision d31a821ec901f68d0d34ccdbaea45b4c86ce543e-refs/branch-heads/4638@{#871}
OS Linux

Version/Channel Information:

  • Can you reproduce this issue with the current release?
  • Can you reproduce this issue with the beta channel? Yes
  • Can you reproduce this issue with the nightly channel?

rillian commented Oct 27, 2021

brave/brave-core#7277 was supposed to fix this, but it seems the override isn't working. My system doesn't have an /etc/brave tree.

rillian changed the title from "Brave reading /etc/opt/chrome/policies" to "Brave reading /etc/chromium/policies" on Oct 28, 2021

rillian commented Oct 28, 2021

Further testing:

  • If there's an /etc/brave/policies/managed/00_gssapi.json present at startup, Brave will load that policy.
  • If there's no /etc/brave present at startup, Brave will load policy from /etc/chromium instead.
  • It never acts on files in /etc/opt/chrome.
  • It remembers the policy directory which was present at startup and watches it for changes, so restarting the browser is necessary to test this.

Previously I thought it was reading from /etc/opt/chrome but this is not the case. Brave only responds to /etc/chromium. Fedora installs the same policy under both paths so it applies to both their own and upstream product builds. I've updated the description with the correction.


rillian commented Oct 28, 2021

I think the problem is that the override fails if the directory doesn't exist.

We call PathService::Override with /etc/brave/policies:

    base::PathService::Override(
        chrome::DIR_POLICY_FILES,
        base::FilePath(FILE_PATH_LITERAL("/etc/brave/policies")));

Which calls PathService::OverrideAndCreateIfNeeded with create=true. That returns early if the directory doesn't exist and couldn't be created:

    if (!PathExists(file_path) && !CreateDirectory(file_path))
      return false;

and the override is never inserted into the map, so subsequent calls use the original path. Since an ordinary user can't create a new /etc/brave directory, the override works if a policy is already installed there, but if not, the creation attempt will always fail and the browser continues to use the /etc/chromium default.
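
The fallback described in the comment above, as an added C++ model that is not Chromium or Brave source: `PathRegistry`, `EffectivePolicyDir` and the scratch directory layout are hypothetical. The `create=false` case is included only for contrast and is an assumption about what skipping the existence check would do.

```cpp
// Simplified model of the override logic quoted above; not Chromium or Brave source.
#include <filesystem>
#include <fstream>
#include <iostream>
#include <string>
#include <system_error>
#include <utility>

namespace fs = std::filesystem;

class PathRegistry {  // hypothetical stand-in for the path service
 public:
  explicit PathRegistry(fs::path default_dir) : default_(std::move(default_dir)) {}
  // create=true mirrors the quoted early return: no directory, no override.
  bool Override(const fs::path& dir, bool create) {
    std::error_code ec;
    if (create && !fs::exists(dir, ec) && !fs::create_directories(dir, ec))
      return false;  // the caller below ignores this, so the default stays active
    override_ = dir;
    has_override_ = true;
    return true;
  }
  fs::path PolicyDir() const { return has_override_ ? override_ : default_; }
 private:
  fs::path default_, override_;
  bool has_override_ = false;
};

// Builds a constructed scratch tree under `root`; returns the effective policy dir relative to it.
std::string EffectivePolicyDir(const fs::path& root, bool brave_dir_installed, bool create) {
  fs::remove_all(root);
  fs::create_directories(root / "chromium/policies");
  if (brave_dir_installed) {
    fs::create_directories(root / "brave/policies");
  } else {
    std::ofstream blocker(root / "brave");  // a file here makes mkdir fail, like an unwritable /etc
  }
  PathRegistry reg(root / "chromium/policies");
  reg.Override(root / "brave/policies", create);
  return reg.PolicyDir().lexically_relative(root).generic_string();
}

int main() {
  const fs::path root = fs::temp_directory_path() / "policy_override_demo";
  std::cout << EffectivePolicyDir(root, true, true) << "\n";    // brave/policies
  std::cout << EffectivePolicyDir(root, false, true) << "\n";   // chromium/policies
  std::cout << EffectivePolicyDir(root, false, false) << "\n";  // brave/policies
  fs::remove_all(root);
}
```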

rillian added a commit to brave/brave-core that referenced this issue Oct 29, 2021
PathService::Override() requires that the new target path exists,
and tries to create it if it doesn't. Since the user doesn't have
permission to create `/etc/brave` the override fails if an
administrator hadn't already installed something there, and the
original `/etc/chromium` path for policy files remains active.

Current uses of this path are few and seem to be robust against
the directory not existing, so this seems a safer fix than patching
the upstream default.

Closes brave/brave-browser#19052
rillian self-assigned this Oct 29, 2021
rillian added this to the 1.33.x - Nightly milestone Nov 1, 2021

stephendonner commented Nov 5, 2021

Verified PASSED using

Brave 1.33.65 Chromium: 96.0.4664.35 (Official Build) nightly (64-bit)
Revision 8df3babf8da8faa8aacb78f4848ef66a93b4944b-refs/branch-heads/4664@{#680}
OS Linux

on Fedora 35 Workstation


Confirmed there's no longer the "Your browser is managed by your organization" message at the top of brave://settings

Reproduced the issue using

Brave 1.32.91 Chromium: 95.0.4638.69 (Official Build) beta (64-bit)
Revision 6a1600ed572fedecd573b6c2b90a22fe6392a410-refs/branch-heads/4638@{#984}
OS Linux
