diff options
author | Drew DeVault <sir@cmpwn.com> | 2017-02-21 05:18:42 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-21 05:18:42 -0500 |
commit | f68d2fb33c433d13def0921db561eb23d400683c (patch) | |
tree | cd8ec8565a63cd5b047e45b001debed16d6a2bdd /sway/commands/permit.c | |
parent | Merge pull request #1075 from zandrmartin/floating-positioning (diff) | |
parent | Update 00-defaults.in (diff) | |
download | sway-f68d2fb33c433d13def0921db561eb23d400683c.tar.gz sway-f68d2fb33c433d13def0921db561eb23d400683c.tar.zst sway-f68d2fb33c433d13def0921db561eb23d400683c.zip |
Revise IPC security configuration
Diffstat (limited to 'sway/commands/permit.c')
-rw-r--r-- | sway/commands/permit.c | 21 |
1 files changed, 4 insertions, 17 deletions
diff --git a/sway/commands/permit.c b/sway/commands/permit.c index 1b2a30bf..e2bec2e2 100644 --- a/sway/commands/permit.c +++ b/sway/commands/permit.c | |||
@@ -19,7 +19,6 @@ static enum secure_feature get_features(int argc, char **argv, | |||
19 | { "fullscreen", FEATURE_FULLSCREEN }, | 19 | { "fullscreen", FEATURE_FULLSCREEN }, |
20 | { "keyboard", FEATURE_KEYBOARD }, | 20 | { "keyboard", FEATURE_KEYBOARD }, |
21 | { "mouse", FEATURE_MOUSE }, | 21 | { "mouse", FEATURE_MOUSE }, |
22 | { "ipc", FEATURE_IPC }, | ||
23 | }; | 22 | }; |
24 | 23 | ||
25 | for (int i = 1; i < argc; ++i) { | 24 | for (int i = 1; i < argc; ++i) { |
@@ -63,19 +62,13 @@ struct cmd_results *cmd_permit(int argc, char **argv) { | |||
63 | if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { | 62 | if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { |
64 | return error; | 63 | return error; |
65 | } | 64 | } |
66 | 65 | if ((error = check_security_config())) { | |
67 | if (!current_config_path || strcmp(SYSCONFDIR "/sway/security", current_config_path) != 0) { | 66 | return error; |
68 | return cmd_results_new(CMD_INVALID, "permit", | ||
69 | "This command is only permitted to run from " SYSCONFDIR "/sway/security"); | ||
70 | } | 67 | } |
71 | 68 | ||
72 | struct feature_policy *policy = get_policy(argv[0]); | 69 | struct feature_policy *policy = get_policy(argv[0]); |
73 | policy->features |= get_features(argc, argv, &error); | 70 | policy->features |= get_features(argc, argv, &error); |
74 | 71 | ||
75 | if (error) { | ||
76 | return error; | ||
77 | } | ||
78 | |||
79 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | 72 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", |
80 | policy->program, policy->features); | 73 | policy->program, policy->features); |
81 | 74 | ||
@@ -87,19 +80,13 @@ struct cmd_results *cmd_reject(int argc, char **argv) { | |||
87 | if ((error = checkarg(argc, "reject", EXPECTED_MORE_THAN, 1))) { | 80 | if ((error = checkarg(argc, "reject", EXPECTED_MORE_THAN, 1))) { |
88 | return error; | 81 | return error; |
89 | } | 82 | } |
90 | 83 | if ((error = check_security_config())) { | |
91 | if (!current_config_path || strcmp(SYSCONFDIR "/sway/security", current_config_path) != 0) { | 84 | return error; |
92 | return cmd_results_new(CMD_INVALID, "permit", | ||
93 | "This command is only permitted to run from " SYSCONFDIR "/sway/security"); | ||
94 | } | 85 | } |
95 | 86 | ||
96 | struct feature_policy *policy = get_policy(argv[0]); | 87 | struct feature_policy *policy = get_policy(argv[0]); |
97 | policy->features &= ~get_features(argc, argv, &error); | 88 | policy->features &= ~get_features(argc, argv, &error); |
98 | 89 | ||
99 | if (error) { | ||
100 | return error; | ||
101 | } | ||
102 | |||
103 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | 90 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", |
104 | policy->program, policy->features); | 91 | policy->program, policy->features); |
105 | 92 | ||