diff options
author | Kartik K. Agaram <vc@akkartik.com> | 2022-03-03 22:28:01 -0800 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2022-03-03 22:28:01 -0800 |
commit | 2cfdad33811472603e97127155ea77ef748bc49c (patch) | |
tree | cb190f83da87cf17f68a53a09923e4f43373324e /src/teliva.c | |
parent | 9722f44a94d0cbaee883e796dd3b74a52c63f8fb (diff) | |
download | teliva-2cfdad33811472603e97127155ea77ef748bc49c.tar.gz |
simplify permissions model for file operations
We don't care to distinguish modes like "rw" or "a+". An app is permitted to perform either just reads or both reads and writes.
Diffstat (limited to 'src/teliva.c')
-rw-r--r-- | src/teliva.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/teliva.c b/src/teliva.c index e739f4f..90da6f1 100644 --- a/src/teliva.c +++ b/src/teliva.c @@ -1313,7 +1313,7 @@ int file_operation_permitted(const char* caller, const char* filename, const cha lua_getglobal(trustedL, "file_operation_permitted"); lua_pushstring(trustedL, caller); lua_pushstring(trustedL, filename); - lua_pushstring(trustedL, mode); + lua_pushboolean(trustedL, strncmp(mode, "r", /*strlen("r") + 1 for NULL*/ 2) != 0); if (lua_pcall(trustedL, 3 /*args*/, 1 /*result*/, /*errfunc*/0)) { /* TODO: error handling. Or should we use errfunc above? */ } @@ -1403,7 +1403,7 @@ static void render_permissions_screen() { attrset(A_NORMAL); mvaddstr(7, 5, "File operations"); - mvaddstr(7, 30, "function file_operation_permitted(caller, filename, mode)"); + mvaddstr(7, 30, "function file_operation_permitted(caller, filename, is_write)"); int y = render_wrapped_text(8, 32, COLS-5, file_operations_predicate_body); mvaddstr(y, 30, "end"); y++; @@ -1488,7 +1488,7 @@ int validate_file_operations_predicate() { static int load_file_operations_predicate(const char* body) { char buffer[1024] = {0}; - strcpy(buffer, "function file_operation_permitted(caller, filename, mode)\n"); + strcpy(buffer, "function file_operation_permitted(caller, filename, is_write)\n"); strncat(buffer, body, 1020); if (buffer[strlen(buffer)-1] != '\n') strncat(buffer, "\n", 1020); |