mirrors/sway
1
0
Fork 0
mirror of https://github.com/swaywm/sway.git synced 2025-11-07 13:29:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Enforce command policies

Browse source
This commit is contained in:
Drew DeVault 2016-12-02 08:17:45 -05:00
parent f23880b1fd
commit 39cf9a82f7
6 changed files with 39 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

12
sway/commands.c
View file

@ -323,7 +323,7 @@ static struct cmd_handler *find_handler(char *line, enum cmd_status block) {
return res;
}
struct cmd_results *handle_command(char *_exec) {
struct cmd_results *handle_command(char *_exec, enum command_context context) {
// Even though this function will process multiple commands we will only
// return the last error, if any (for now). (Since we have access to an
// error string we could e.g. concatonate all errors there.)
@ -397,6 +397,16 @@ struct cmd_results *handle_command(char *_exec) {
free_argv(argc, argv);
goto cleanup;
}
if (!(get_command_policy(argv[0]) & context)) {
if (results) {
free_cmd_results(results);
}
results = cmd_results_new(CMD_INVALID, cmd,
"Permission denied for %s via %s", cmd,
command_policy_str(context));
free_argv(argc, argv);
goto cleanup;
}
struct cmd_results *res = handler->handle(argc-1, argv+1);
if (res->status != CMD_SUCCESS) {
free_argv(argc, argv);