-rw-r--r-- | sway/main.c | 47 |
1 files changed, 38 insertions, 9 deletions
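--- a/sway/main.c
+++ b/sway/main.c
@@ -12,6 +12,7 @@
 #include "sway/extensions.h"
 #include "sway/layout.h"
 #include "sway/config.h"
+#include "sway/security.h"
 #include "sway/handlers.h"
 #include "sway/input.h"
 #include "sway/ipc-server.h"
@@ -151,17 +152,44 @@ static void security_sanity_check() {
 "!! DANGER !! /proc is not available - sway CANNOT enforce security rules!");
 }
 if (!stat(SYSCONFDIR "/sway", &s)) {
-if (s.st_uid != 0 || s.st_gid != 0 || s.st_mode != 00755) {
+if (s.st_uid != 0 || s.st_gid != 0
+|| (s.st_mode & S_IWGRP) || (s.st_mode & S_IWOTH)) {
 sway_log(L_ERROR,
-"!! DANGER !! " SYSCONFDIR "/sway is not secure! It should be owned by root and set to 0755");
+"!! DANGER !! " SYSCONFDIR "/sway is not secure! It should be owned by root and set to 0755 at the minimum");
+}
+}
+struct {
+char *command;
+enum command_context context;
+bool checked;
+} expected[] = {
+{ "reload", CONTEXT_BINDING, false },
+{ "restart", CONTEXT_BINDING, false },
+{ "permit", CONTEXT_CONFIG, false },
+{ "reject", CONTEXT_CONFIG, false },
+{ "ipc", CONTEXT_CONFIG, false },
+};
+int expected_len = 5;
+for (int i = 0; i < config->command_policies->length; ++i) {
+struct command_policy *policy = config->command_policies->items[i];
+for (int j = 0; j < expected_len; ++j) {
+if (strcmp(expected[j].command, policy->command) == 0) {
+expected[j].checked = true;
+if (expected[j].context != policy->context) {
+sway_log(L_ERROR,
+"!! DANGER !! Command security policy for %s should be set to %s",
+expected[j].command, command_policy_str(expected[j].context));
+}
+}
+}
+}
+for (int j = 0; j < expected_len; ++j) {
+if (!expected[j].checked) {
+sway_log(L_ERROR,
+"!! DANGER !! Command security policy for %s should be set to %s",
+expected[j].command, command_policy_str(expected[j].context));
 }
 }
-// TODO: check that these command policies are set
-// reload bindsym
-// restart bindsym
-// permit config
-// reject config
-// ipc config
 }
 
 int main(int argc, char **argv) {
@@ -278,7 +306,6 @@ int main(int argc, char **argv) {
 }
 wlc_log_set_handler(wlc_log_handler);
 detect_proprietary();
-security_sanity_check();
 
 input_devices = create_list();
 
@@ -321,6 +348,8 @@ int main(int argc, char **argv) {
 free(config_path);
 }
 
+security_sanity_check();
+
 if (!terminate_request) {
 wlc_run();
 }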
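Review bot: `int expected_len = 5;` in the `security_sanity_check` hunk repeats the size of the `expected` table by hand, so a policy added to the table later without bumping the constant would silently never be checked; derive it instead with `int expected_len = sizeof(expected) / sizeof(expected[0]);`. The same loop dereferences `config->command_policies` and passes `policy->command` to `strcmp` with no NULL guard; the call was moved after config loading in `main`, but whether a failed load can leave these unset is not visible here, so a logged early exit such as `if (!config || !config->command_policies) { sway_log(L_ERROR, "!! DANGER !! command policies unavailable"); return; }` looks worth adding. The `command` member only ever points at string literals and could be declared `const char *command;`. The body of `security_sanity_check` starts outside the hunk, so the declaration of `s` and any earlier checks were not reviewed.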