diff options
Diffstat (limited to 'sway/commands/permit.c')
-rw-r--r-- | sway/commands/permit.c | 108 |
1 files changed, 0 insertions, 108 deletions
diff --git a/sway/commands/permit.c b/sway/commands/permit.c deleted file mode 100644 index 7a5e06f7..00000000 --- a/sway/commands/permit.c +++ /dev/null | |||
@@ -1,108 +0,0 @@ | |||
1 | #define _XOPEN_SOURCE 500 | ||
2 | #include <string.h> | ||
3 | #include "sway/commands.h" | ||
4 | #include "sway/config.h" | ||
5 | #include "sway/security.h" | ||
6 | #include "util.h" | ||
7 | #include "log.h" | ||
8 | |||
9 | static enum secure_feature get_features(int argc, char **argv, | ||
10 | struct cmd_results **error) { | ||
11 | enum secure_feature features = 0; | ||
12 | |||
13 | struct { | ||
14 | char *name; | ||
15 | enum secure_feature feature; | ||
16 | } feature_names[] = { | ||
17 | { "lock", FEATURE_LOCK }, | ||
18 | { "panel", FEATURE_PANEL }, | ||
19 | { "background", FEATURE_BACKGROUND }, | ||
20 | { "screenshot", FEATURE_SCREENSHOT }, | ||
21 | { "fullscreen", FEATURE_FULLSCREEN }, | ||
22 | { "keyboard", FEATURE_KEYBOARD }, | ||
23 | { "mouse", FEATURE_MOUSE }, | ||
24 | }; | ||
25 | |||
26 | for (int i = 1; i < argc; ++i) { | ||
27 | size_t j; | ||
28 | for (j = 0; j < sizeof(feature_names) / sizeof(feature_names[0]); ++j) { | ||
29 | if (strcmp(feature_names[j].name, argv[i]) == 0) { | ||
30 | break; | ||
31 | } | ||
32 | } | ||
33 | if (j == sizeof(feature_names) / sizeof(feature_names[0])) { | ||
34 | *error = cmd_results_new(CMD_INVALID, | ||
35 | "permit", "Invalid feature grant %s", argv[i]); | ||
36 | return 0; | ||
37 | } | ||
38 | features |= feature_names[j].feature; | ||
39 | } | ||
40 | return features; | ||
41 | } | ||
42 | |||
43 | struct cmd_results *cmd_permit(int argc, char **argv) { | ||
44 | struct cmd_results *error = NULL; | ||
45 | if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { | ||
46 | return error; | ||
47 | } | ||
48 | if ((error = check_security_config())) { | ||
49 | return error; | ||
50 | } | ||
51 | |||
52 | bool assign_perms = true; | ||
53 | char *program = NULL; | ||
54 | |||
55 | if (!strcmp(argv[0], "*")) { | ||
56 | program = strdup(argv[0]); | ||
57 | } else { | ||
58 | program = resolve_path(argv[0]); | ||
59 | } | ||
60 | if (!program) { | ||
61 | sway_assert(program, "Unable to resolve IPC permit target '%s'." | ||
62 | " will issue empty policy", argv[0]); | ||
63 | assign_perms = false; | ||
64 | program = strdup(argv[0]); | ||
65 | } | ||
66 | |||
67 | struct feature_policy *policy = get_feature_policy(program); | ||
68 | if (policy && assign_perms) { | ||
69 | policy->features |= get_features(argc, argv, &error); | ||
70 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | ||
71 | policy->program, policy->features); | ||
72 | } | ||
73 | |||
74 | free(program); | ||
75 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); | ||
76 | } | ||
77 | |||
78 | struct cmd_results *cmd_reject(int argc, char **argv) { | ||
79 | struct cmd_results *error = NULL; | ||
80 | if ((error = checkarg(argc, "reject", EXPECTED_MORE_THAN, 1))) { | ||
81 | return error; | ||
82 | } | ||
83 | if ((error = check_security_config())) { | ||
84 | return error; | ||
85 | } | ||
86 | |||
87 | char *program = NULL; | ||
88 | if (!strcmp(argv[0], "*")) { | ||
89 | program = strdup(argv[0]); | ||
90 | } else { | ||
91 | program = resolve_path(argv[0]); | ||
92 | } | ||
93 | if (!program) { | ||
94 | // Punt | ||
95 | sway_log(L_INFO, "Unable to resolve IPC reject target '%s'." | ||
96 | " Will use provided path", argv[0]); | ||
97 | program = strdup(argv[0]); | ||
98 | } | ||
99 | |||
100 | struct feature_policy *policy = get_feature_policy(program); | ||
101 | policy->features &= ~get_features(argc, argv, &error); | ||
102 | |||
103 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | ||
104 | policy->program, policy->features); | ||
105 | |||
106 | free(program); | ||
107 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); | ||
108 | } | ||