fedir/ICFS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
130 Commits 9 Branches 0 Tags
Commit Graph

65 Commits

Author SHA1 Message Date
fedir
b550c93884
Fixed arbitrary permission order 2025-05-20 11:07:28 +02:00
fedir
a7e5d7d92d
Fixed undefined order of permissions 2025-05-20 10:50:58 +02:00
fedir
8e1c325f98
Added mutex to permissions checks to avoid inconsistent permission checking 2025-05-20 09:59:18 +02:00
fedir
754a26884c
Changed realpath to readlink 
/proc/pid/exe already seems to be a link to the absolute path to the
executable. This fixes bugs related to containerised applications.
 2025-05-20 09:57:59 +02:00
fedir
2f82ab63ac
Fixed undefined permission check errors 2025-05-20 09:24:07 +02:00
fedir
90d94c7615
Fixed SQL injection 
Fixed an emabarassignly obvious SQL injection bug by throwing
`sqlite3_exec` away.
 2025-05-19 21:18:19 +02:00
fedir
e4dbc5becc
Fixed wrong pid bug 
The issue was that the thread ID wasn't factored in. A presumption was,
that FUSE already returned the PID, not TID. The issue was fixed by
implementing a function that translates the TID to PID.
 2025-05-14 20:37:32 +02:00
fedir
c8f19fe30d
Fixed invalid pi bug 2025-05-13 17:59:32 +02:00
fedir
4febeb7a82
Added a logfile 2025-05-13 17:59:00 +02:00
fedir
c7ec5819c6
Fixed typos 2025-05-08 10:16:02 +02:00
fedir
31f6cc6ab8
Added missing license headers 2025-05-07 16:06:19 +02:00
fedir
d4a2cb3749
Fixed garbage collector being inactive 2025-05-07 15:55:47 +02:00
fedir
bd4cedf996
Added garbage collection to the temporary permission table. 2025-05-07 15:43:34 +02:00
fedir
801a7cdb39
Added temp permission globbing 2025-05-06 12:17:50 +02:00
fedir
22b091f017
Fixed empty filename bug. 2025-05-06 12:17:26 +02:00
fedir
fd2144a1f9
Added a filename check 2025-05-05 18:59:57 +02:00
fedir
420f34a7f3
Added folder globbing for permanent permissions 2025-05-05 18:53:05 +02:00
fedir
4539df9842
Fixed wrong fallback filename bug 2025-05-04 17:39:39 +02:00
fedir
e32ce5add5
Renamed all zenity mentions to dialogue 2025-05-04 17:25:47 +02:00
fedir
c4ae40c7bd
Finished the new dialogue functionality 2025-05-04 17:09:28 +02:00
fedir
ecedbbb4ce
Added DENY_TEMP access type 2025-05-04 17:05:44 +02:00
fedir
10d2988761
Added a version check for the icfs-dialogue 2025-05-04 17:05:07 +02:00
fedir
a2eeb81fed
Updated gitignore 2025-05-03 12:09:10 +02:00
fedir
3a89449c32
Added gitignore to the dialogue 2025-05-03 12:05:11 +02:00
fedir
ac1d7c1535
Renamed zenity-clone to icfs-dialogue and improved makefile 2025-05-03 12:03:54 +02:00
fedir
d367d6ffe7
Adapted the ui-socket to the new dialogue 2025-05-03 10:31:42 +02:00
fedir
82f66a1df3
Fixed inverted responses 2025-05-03 10:30:13 +02:00
fedir
8cb7721e39
Updated ui-socket to use the new dialogue 2025-05-01 20:55:05 +02:00
fedir
fe84daecfe
Removed const where it was simply wrong. 2025-05-01 20:54:39 +02:00
fedir
683da15953
Updated the cc.h version 2025-05-01 20:52:32 +02:00
fedir
5452c3d1d7
Added filename translation to the ui-socker 2025-05-01 16:17:50 +02:00
fedir
ed441b3c5f
Absolved fuse operations of responsibility for filename translation 2025-05-01 16:17:11 +02:00
fedir
48342b0d5f
Updated sourcefs header 2025-05-01 16:16:24 +02:00
fedir
31b70b6069
Added mountpoint functions to sourcefs 2025-05-01 16:16:09 +02:00
fedir
07cb76f425
Updated the dialogue 2025-05-01 16:15:00 +02:00
fedir
747077f365
Update Makefile for the zenity clone 2025-05-01 16:13:31 +02:00
fedir
ccb449ae57
Added a new dialogue 2025-04-28 10:11:50 +02:00
fedir
c4ef955ff1
Added a cleaner way of allocating the zenity command. 2025-04-15 19:02:36 +02:00
fedir
3157940c0b
add a missing header 2025-04-15 18:58:18 +02:00
fedir
92378c1cde
add exerimental deny flag in the tables 
For now, perm table does not set the thrid parameter to anything useful
 2025-04-15 18:57:57 +02:00
BritishTeapot
55fb5c54c6
Improved code readability 2025-04-14 16:46:06 +02:00
BritishTeapot
402a5d109f
Fixed incorrect executable path problem. 
Previously, process name was grabbed from `/proc/pid/cmdline`. This was
revealed to be faulty, since the path to the executable might be
relative, and thus would change the result depending on how the program
was called. Also, it made executable renaming a viable bypass of the
entire access control.

I still don't fully undestand how I managed to not think of this before
:)
 2025-04-12 18:44:20 +02:00
BritishTeapot
16b8d77fb9 Improved code readability and added database file argument. 2025-04-07 19:38:33 +02:00
BritishTeapot
aea6e94ad7 Fixed incorrect database creation flags 2025-04-02 18:56:31 +02:00
BritishTeapot
52fcb4d4e3 Fixed an arbitrary return value in temp permissions init 2025-04-02 18:49:14 +02:00
BritishTeapot
07e4ce3eb4 Added missing license headers 2025-04-01 19:56:10 +02:00
BritishTeapot
4c8092378b Added database protection with setuid. 
Added the initial support for the database protection with the setuid
mechanism. In the beginning the program creates(or opens) the database
as a special user, and then switches to the real uid and functions
normally.
 2025-04-01 19:34:15 +02:00
BritishTeapot
40ca81d744 Updated header function description for interactive_access 2025-03-31 14:36:26 +02:00
BritishTeapot
d4e86c8620 Reorgised the code 2025-03-31 14:33:43 +02:00
BritishTeapot
845c264989 Removed unnecessary include 2025-03-31 13:32:10 +02:00