aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sway/commands/ipc.c10
-rw-r--r--sway/commands/permit.c39
2 files changed, 45 insertions, 4 deletions
diff --git a/sway/commands/ipc.c b/sway/commands/ipc.c
index 8a7b849..f0b3035 100644
--- a/sway/commands/ipc.c
+++ b/sway/commands/ipc.c
@@ -1,3 +1,4 @@
+#define _XOPEN_SOURCE 500
#include <stdio.h>
#include <string.h>
#include "sway/security.h"
@@ -18,8 +19,14 @@ struct cmd_results *cmd_ipc(int argc, char **argv) {
return error;
}
- const char *program = argv[0];
+ char *program = NULL;
+ if (!strcmp(argv[0], "*")) {
+ program = strdup(argv[0]);
+ } else if (!(program = resolve_path(argv[0]))) {
+ return cmd_results_new(
+ CMD_INVALID, "ipc", "Unable to resolve IPC Policy target.");
+ }
if (config->reading && strcmp("{", argv[1]) != 0) {
return cmd_results_new(CMD_INVALID, "ipc",
"Expected '{' at start of IPC config definition.");
@@ -32,6 +39,7 @@ struct cmd_results *cmd_ipc(int argc, char **argv) {
current_policy = alloc_ipc_policy(program);
list_add(config->ipc_policies, current_policy);
+ free(program);
return cmd_results_new(CMD_BLOCK_IPC, NULL, NULL);
}
diff --git a/sway/commands/permit.c b/sway/commands/permit.c
index c55f46d..66fa4e2 100644
--- a/sway/commands/permit.c
+++ b/sway/commands/permit.c
@@ -1,7 +1,9 @@
+#define _XOPEN_SOURCE 500
#include <string.h>
#include "sway/commands.h"
#include "sway/config.h"
#include "sway/security.h"
+#include "util.h"
#include "log.h"
static enum secure_feature get_features(int argc, char **argv,
@@ -47,12 +49,29 @@ struct cmd_results *cmd_permit(int argc, char **argv) {
return error;
}
- struct feature_policy *policy = get_feature_policy(argv[0]);
- policy->features |= get_features(argc, argv, &error);
+ bool assign_perms = true;
+ char *program = NULL;
+ if (!strcmp(argv[0], "*")) {
+ program = strdup(argv[0]);
+ } else {
+ program = resolve_path(argv[0]);
+ }
+ if (!program) {
+ sway_assert(program, "Unable to resolve IPC permit target '%s'."
+ " will issue empty policy", argv[0]);
+ assign_perms = false;
+ program = strdup(argv[0]);
+ }
+
+ struct feature_policy *policy = get_feature_policy(program);
+ if (assign_perms) {
+ policy->features |= get_features(argc, argv, &error);
+ }
sway_log(L_DEBUG, "Permissions granted to %s for features %d",
policy->program, policy->features);
+ free(program);
return cmd_results_new(CMD_SUCCESS, NULL, NULL);
}
@@ -65,11 +84,25 @@ struct cmd_results *cmd_reject(int argc, char **argv) {
return error;
}
- struct feature_policy *policy = get_feature_policy(argv[0]);
+ char *program = NULL;
+ if (!strcmp(argv[0], "*")) {
+ program = strdup(argv[0]);
+ } else {
+ program = resolve_path(argv[0]);
+ }
+ if (!program) {
+ // Punt
+ sway_log(L_INFO, "Unable to resolve IPC reject target '%s'."
+ " Will use provided path", argv[0]);
+ program = strdup(argv[0]);
+ }
+
+ struct feature_policy *policy = get_feature_policy(program);
policy->features &= ~get_features(argc, argv, &error);
sway_log(L_DEBUG, "Permissions granted to %s for features %d",
policy->program, policy->features);
+ free(program);
return cmd_results_new(CMD_SUCCESS, NULL, NULL);
}