fedir/ICFS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
88 Commits 9 Branches 0 Tags
Commit Graph

88 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
fedir
fe84daecfe
Removed const where it was simply wrong. 2025-05-01 20:54:39 +02:00
fedir
683da15953
Updated the cc.h version 2025-05-01 20:52:32 +02:00
fedir
5452c3d1d7
Added filename translation to the ui-socker 2025-05-01 16:17:50 +02:00
fedir
a1445c5423
Updated Makefile 2025-05-01 16:17:27 +02:00
fedir
ed441b3c5f
Absolved fuse operations of responsibility for filename translation 2025-05-01 16:17:11 +02:00
fedir
48342b0d5f
Updated sourcefs header 2025-05-01 16:16:24 +02:00
fedir
31b70b6069
Added mountpoint functions to sourcefs 2025-05-01 16:16:09 +02:00
fedir
07cb76f425
Updated the dialogue 2025-05-01 16:15:00 +02:00
fedir
747077f365
Update Makefile for the zenity clone 2025-05-01 16:13:31 +02:00
fedir
ccb449ae57
Added a new dialogue 2025-04-28 10:11:50 +02:00
fedir
c4ef955ff1
Added a cleaner way of allocating the zenity command. 2025-04-15 19:02:36 +02:00
fedir
3157940c0b
add a missing header 2025-04-15 18:58:18 +02:00
fedir
92378c1cde
add exerimental deny flag in the tables 
For now, perm table does not set the thrid parameter to anything useful
 2025-04-15 18:57:57 +02:00
BritishTeapot
13fd0db8a8
Added perf artifacts to gitignore 2025-04-14 16:47:40 +02:00
BritishTeapot
55fb5c54c6
Improved code readability 2025-04-14 16:46:06 +02:00
BritishTeapot
402a5d109f
Fixed incorrect executable path problem. 
Previously, process name was grabbed from `/proc/pid/cmdline`. This was
revealed to be faulty, since the path to the executable might be
relative, and thus would change the result depending on how the program
was called. Also, it made executable renaming a viable bypass of the
entire access control.

I still don't fully undestand how I managed to not think of this before
:)
 2025-04-12 18:44:20 +02:00
BritishTeapot
beec6f4a4c Changed tests to use the database file argument 2025-04-07 19:38:56 +02:00
BritishTeapot
16b8d77fb9 Improved code readability and added database file argument. 2025-04-07 19:38:33 +02:00
BritishTeapot
aea6e94ad7 Fixed incorrect database creation flags 2025-04-02 18:56:31 +02:00
BritishTeapot
52fcb4d4e3 Fixed an arbitrary return value in temp permissions init 2025-04-02 18:49:14 +02:00
fedir
badbf2ff98 Merge pull request 'setuid' (#7) from setuid into main 
Reviewed-on: #7
 2025-04-01 19:57:01 +02:00
BritishTeapot
07e4ce3eb4 Added missing license headers 2025-04-01 19:56:10 +02:00
BritishTeapot
cf2b7a280a Added a test for the database protection feature. 2025-04-01 19:52:37 +02:00
BritishTeapot
4c8092378b Added database protection with setuid. 
Added the initial support for the database protection with the setuid
mechanism. In the beginning the program creates(or opens) the database
as a special user, and then switches to the real uid and functions
normally.
 2025-04-01 19:34:15 +02:00
fedir
291ad62897 Merge pull request 'creation_permissions' (#6) from creation_permissions into main 
Reviewed-on: #6
 2025-03-31 14:37:25 +02:00
BritishTeapot
40ca81d744 Updated header function description for interactive_access 2025-03-31 14:36:26 +02:00
BritishTeapot
d4e86c8620 Reorgised the code 2025-03-31 14:33:43 +02:00
BritishTeapot
845c264989 Removed unnecessary include 2025-03-31 13:32:10 +02:00
BritishTeapot
57091bf0ce Made create to grant permissions automatically. 
Creating files grants permanent permissions to them now. This makes
sense because if a program creates a new file, then it clearly can't
steal any data. This is particularly useful for programs which open an
obscene amount of auxilary files (e.g. neovim with a huge amount of
plugins).
 2025-03-30 19:48:11 +02:00
BritishTeapot
62f3e5bde9 Added the test permanent permissions table to gitignore 2025-03-30 19:09:02 +02:00
BritishTeapot
608943d685 Added new permanent permissions tests. 2025-03-30 19:07:32 +02:00
BritishTeapot
7e111b16b7 Added permanent permissions 
Finally implemented the permanent permission tables using sqlite3. For
now, performance wasn't a consideration. There are a lot of
optimizations that could be made, like having prepared queries. The code
remains fairly untested.
 2025-03-30 19:06:57 +02:00
BritishTeapot
4ce97555e4 Fixed a testing bug 
The script was correctly opening the `truth` file by piping `echo` to
it, but then it tried to deny another operation on it. But since pipes
are opened by the script process, the permission was given to the
script. And since the permissions are preserved for the entire runtime
of a process, and child processes inherit permissions of their parents,
any command executed later would also have the necessary permissions to
open `truth` (which was the case for the second operation). Now the
second operation is performed on a different file.
 2025-03-24 17:17:33 +01:00
BritishTeapot
da37376fde Added permission checks for chmod, link, rename and chown 
Those clearly need to ask for permissions.
 2025-03-24 17:11:01 +01:00
BritishTeapot
6342de0dd3 Added tests to Makefile 2025-03-24 16:28:56 +01:00
BritishTeapot
2e21ae7b18 Deleted a useless file. 2025-03-18 16:50:53 +01:00
fedir
2d76dc6596 Merge pull request 'Temp_permission_table' (#5) from Temp_permission_table into main 
Reviewed-on: #5
 2025-03-18 15:47:08 +01:00
BritishTeapot
b705228685 Made temporary process table work! 
Temprorary permissions table now works! It needs a better way for
cleaning though.
 2025-03-18 15:45:32 +01:00
BritishTeapot
fe4b8801c0 Moved permission table logic to a separate file 2025-03-18 14:02:42 +01:00
BritishTeapot
e1846440bc Merge branch 'main' into Temp_permission_table 2025-03-18 14:00:57 +01:00
BritishTeapot
47a8845013 Wrote more tests 2025-03-18 13:58:02 +01:00
BritishTeapot
b6ce683364 WIP: Added the initial process table implementation. 
Wrote a basic process table implementation with CC's vectors and hash
maps. So far, it looks like it does not really work.
 2025-03-18 10:07:45 +01:00
BritishTeapot
70e81d64c1 Added the CC (Convenient Containers) library. 
Added the CC library for vectors and hash maps.
 2025-03-18 10:05:12 +01:00
BritishTeapot
67a148c7aa Fixed inverted access control permissions bug. 
Fixed an (admitedly quite silly) bug that caused the access control
descisions to be inverted.
 2025-03-18 10:03:32 +01:00
BritishTeapot
c59123330f Updated .gitignore 2025-03-18 09:55:20 +01:00
fedir
730d6bc27d Merge pull request 'Testing' (#4) from Testing into main 
Reviewed-on: #4
 2025-03-18 09:53:25 +01:00
BritishTeapot
66fd9ed582 Updated .gitignore to exclude test remnants. 2025-03-18 09:49:30 +01:00
BritishTeapot
64abb1ed52 Added test scrpt and a mockup of zenity 2025-03-18 09:48:05 +01:00
BritishTeapot
a65d37f3bc Added testing script 
Added the `test/test.bash` script that simulates user input with zenity.
Depends on `xdotool` (couldn't make `ydotool` to work)
 2025-03-17 11:59:59 +01:00
fedir
3b69fd43e3 Updated README.md with recent build instructions 2025-03-17 11:11:01 +01:00