diff options
-rw-r--r-- | sway/commands/ipc.c | 10 | ||||
-rw-r--r-- | sway/commands/permit.c | 39 |
2 files changed, 45 insertions, 4 deletions
diff --git a/sway/commands/ipc.c b/sway/commands/ipc.c index 8a7b849f..f0b3035a 100644 --- a/sway/commands/ipc.c +++ b/sway/commands/ipc.c | |||
@@ -1,3 +1,4 @@ | |||
1 | #define _XOPEN_SOURCE 500 | ||
1 | #include <stdio.h> | 2 | #include <stdio.h> |
2 | #include <string.h> | 3 | #include <string.h> |
3 | #include "sway/security.h" | 4 | #include "sway/security.h" |
@@ -18,8 +19,14 @@ struct cmd_results *cmd_ipc(int argc, char **argv) { | |||
18 | return error; | 19 | return error; |
19 | } | 20 | } |
20 | 21 | ||
21 | const char *program = argv[0]; | 22 | char *program = NULL; |
22 | 23 | ||
24 | if (!strcmp(argv[0], "*")) { | ||
25 | program = strdup(argv[0]); | ||
26 | } else if (!(program = resolve_path(argv[0]))) { | ||
27 | return cmd_results_new( | ||
28 | CMD_INVALID, "ipc", "Unable to resolve IPC Policy target."); | ||
29 | } | ||
23 | if (config->reading && strcmp("{", argv[1]) != 0) { | 30 | if (config->reading && strcmp("{", argv[1]) != 0) { |
24 | return cmd_results_new(CMD_INVALID, "ipc", | 31 | return cmd_results_new(CMD_INVALID, "ipc", |
25 | "Expected '{' at start of IPC config definition."); | 32 | "Expected '{' at start of IPC config definition."); |
@@ -32,6 +39,7 @@ struct cmd_results *cmd_ipc(int argc, char **argv) { | |||
32 | current_policy = alloc_ipc_policy(program); | 39 | current_policy = alloc_ipc_policy(program); |
33 | list_add(config->ipc_policies, current_policy); | 40 | list_add(config->ipc_policies, current_policy); |
34 | 41 | ||
42 | free(program); | ||
35 | return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL); | 43 | return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL); |
36 | } | 44 | } |
37 | 45 | ||
diff --git a/sway/commands/permit.c b/sway/commands/permit.c index c55f46d8..66fa4e2a 100644 --- a/sway/commands/permit.c +++ b/sway/commands/permit.c | |||
@@ -1,7 +1,9 @@ | |||
1 | #define _XOPEN_SOURCE 500 | ||
1 | #include <string.h> | 2 | #include <string.h> |
2 | #include "sway/commands.h" | 3 | #include "sway/commands.h" |
3 | #include "sway/config.h" | 4 | #include "sway/config.h" |
4 | #include "sway/security.h" | 5 | #include "sway/security.h" |
6 | #include "util.h" | ||
5 | #include "log.h" | 7 | #include "log.h" |
6 | 8 | ||
7 | static enum secure_feature get_features(int argc, char **argv, | 9 | static enum secure_feature get_features(int argc, char **argv, |
@@ -47,12 +49,29 @@ struct cmd_results *cmd_permit(int argc, char **argv) { | |||
47 | return error; | 49 | return error; |
48 | } | 50 | } |
49 | 51 | ||
50 | struct feature_policy *policy = get_feature_policy(argv[0]); | 52 | bool assign_perms = true; |
51 | policy->features |= get_features(argc, argv, &error); | 53 | char *program = NULL; |
52 | 54 | ||
55 | if (!strcmp(argv[0], "*")) { | ||
56 | program = strdup(argv[0]); | ||
57 | } else { | ||
58 | program = resolve_path(argv[0]); | ||
59 | } | ||
60 | if (!program) { | ||
61 | sway_assert(program, "Unable to resolve IPC permit target '%s'." | ||
62 | " will issue empty policy", argv[0]); | ||
63 | assign_perms = false; | ||
64 | program = strdup(argv[0]); | ||
65 | } | ||
66 | |||
67 | struct feature_policy *policy = get_feature_policy(program); | ||
68 | if (assign_perms) { | ||
69 | policy->features |= get_features(argc, argv, &error); | ||
70 | } | ||
53 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | 71 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", |
54 | policy->program, policy->features); | 72 | policy->program, policy->features); |
55 | 73 | ||
74 | free(program); | ||
56 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); | 75 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); |
57 | } | 76 | } |
58 | 77 | ||
@@ -65,11 +84,25 @@ struct cmd_results *cmd_reject(int argc, char **argv) { | |||
65 | return error; | 84 | return error; |
66 | } | 85 | } |
67 | 86 | ||
68 | struct feature_policy *policy = get_feature_policy(argv[0]); | 87 | char *program = NULL; |
88 | if (!strcmp(argv[0], "*")) { | ||
89 | program = strdup(argv[0]); | ||
90 | } else { | ||
91 | program = resolve_path(argv[0]); | ||
92 | } | ||
93 | if (!program) { | ||
94 | // Punt | ||
95 | sway_log(L_INFO, "Unable to resolve IPC reject target '%s'." | ||
96 | " Will use provided path", argv[0]); | ||
97 | program = strdup(argv[0]); | ||
98 | } | ||
99 | |||
100 | struct feature_policy *policy = get_feature_policy(program); | ||
69 | policy->features &= ~get_features(argc, argv, &error); | 101 | policy->features &= ~get_features(argc, argv, &error); |
70 | 102 | ||
71 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | 103 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", |
72 | policy->program, policy->features); | 104 | policy->program, policy->features); |
73 | 105 | ||
106 | free(program); | ||
74 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); | 107 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); |
75 | } | 108 | } |