Updated gitignore

.gitignore

@@ -2,13 +2,13 @@ build/*
 .clang-tidy
 .cache
 test/protected/*
-test/.pt.db
-*compile_commands.json
 test/perf*
 test/callgraph*
 test/openers
 test/opener/opener
 test/opener/opener.o
+test/.*
+*compile_commands.json
 src/gui/ui/*
 src/gui/*.o
 src/gui/icfs_dialogue

src/temp_permissions_table.c

@@ -12,7 +12,9 @@
 #include "proc_operations.h"
 #include "process_info.h"
 #include <pthread.h>
+#include <stddef.h>
 #include <stdio.h>
+#include <string.h>
 #include <sys/types.h>
 
 struct temp_process_permissions {
@@ -127,14 +129,23 @@ access_t check_temp_access_noparent(const char *filename, pid_t pid) {
     if (process_creation_time == permission_entry->creation_time) {
       // the process is the same as the one that was granted temporary access
       // to the file
+      size_t filename_len = strlen(filename);
       for_each(&permission_entry->denied_files, denied_file) {
-        if (strncmp(*denied_file, filename, strlen(filename)) == 0) {
+        size_t denied_file_len = strlen(*denied_file);
+        if (strncmp(*denied_file, filename, denied_file_len) == 0 &&
+            ((denied_file_len < filename_len &&
+              (*denied_file)[denied_file_len - 1] == '/') ||
+             (denied_file_len == filename_len))) {
           pthread_mutex_unlock(&temp_permissions_table_lock);
           return DENY;
         }
       }
       for_each(&permission_entry->allowed_files, allowed_file) {
-        if (strncmp(*allowed_file, filename, strlen(filename)) == 0) {
+        size_t allowed_file_len = strlen(*allowed_file);
+        if (strncmp(*allowed_file, filename, allowed_file_len) == 0 &&
+            ((allowed_file_len < filename_len &&
+              (*allowed_file)[allowed_file_len - 1] == '/') ||
+             (allowed_file_len == filename_len))) {
           pthread_mutex_unlock(&temp_permissions_table_lock);
           return ALLOW;
         }

src/ui-socket.c

@@ -125,9 +125,9 @@ struct dialogue_response ask_access(const char *filename,
   fprintf(stderr, "dialogue wrote out %s\n", first(&dialogue_output));
   fprintf(stderr, "dialogue returned %d\n", dialogue_exit_code);
 
-  // if (size(&dialogue_output) == 0) {
+  if (size(&dialogue_output) == 0) {
-  //   push(&dialogue_output, '.');
+    push(&dialogue_output, '/');
-  // }
+  }
 
   assert(strlen(first(&dialogue_output)) == size(&dialogue_output));
 
@@ -225,7 +225,6 @@ int interactive_access(const char *filename, struct process_info proc_info,
   // the user might specify a different file in the dialogue, so we need to
   // check if it is valid
 
-  /*
   while (source_access(response.filename, F_OK)) {
     // if it is invalid, just ask again.
     fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n",
@@ -233,7 +232,7 @@ int interactive_access(const char *filename, struct process_info proc_info,
     free(response.filename);
     response = ask_access(filename, proc_info);
   }
-  */
+
   free(real_path);
 
   real_path = real_filename(response.filename);

test/mock/icfs_dialogue

@@ -1,29 +1,41 @@
 #!/bin/bash
 
-# fake-zenity: script that mocks the behavior of zenity based on the ./.fake-zenity-response file
+# fake-icfs_dialogue: script that mocks the behavior of icfs_dialogue based on the ./.fake-icfs_dialogue-response file
 
-ZENITY_YES=0
+ICFS_DIALOGUE_YES=0
-ZENITY_NO=1
+ICFS_DIALOGUE_NO=1
-ZENITY_PERM=2
+ICFS_DIALOGUE_PERM=2
 
 if [[ $1 == "--set-fake-response" ]]; then
   #someone knows we are fake :)
-  echo "$2" >~/.fake_zenity_response
+  echo "$2" >~/.fake_icfs_dialogue_response
+elif [[ $1 == "--set-fake-response-filename" ]]; then
+  echo "$2" >~/.fake_icfs_dialogue_response_filename
+elif [[ $1 == "--reset-fake-response" ]]; then
+  rm ~/.fake_icfs_dialogue_response ~/.fake_icfs_dialogue_response_filename
 else
-  if [ -f ~/.fake_zenity_response ]; then
+  if [ -f ~/.fake_icfs_dialogue_response ]; then
-    FAKE_ZENITY_RESPONSE=$(cat ~/.fake_zenity_response)
+    FAKE_ICFS_DIALOGUE_RESPONSE=$(cat ~/.fake_icfs_dialogue_response)
 
-    printf "%s" "$4"
+    if [[ -f ~/.fake_icfs_dialogue_response_filename ]]; then
-    if [[ $FAKE_ZENITY_RESPONSE == "yes" ]]; then
+      FAKE_ICFS_DIALOGUE_RESPONSE_FILENAME=$(cat ~/.fake_icfs_dialogue_response_filename)
-      exit "$ZENITY_YES"
+      if [[ $FAKE_ICFS_DIALOGUE_RESPONSE_FILENAME == "" ]]; then
-    elif [[ $FAKE_ZENITY_RESPONSE == "no" ]]; then
+        printf "%s" "$4"
-      exit "$ZENITY_NO"
+      else
-    elif [[ $FAKE_ZENITY_RESPONSE == "yes_perm" ]]; then
+        printf "%s" "$(cat ~/.fake_icfs_dialogue_response_filename)"
-      exit "$((ZENITY_YES | ZENITY_PERM))"
+      fi
-    elif [[ $FAKE_ZENITY_RESPONSE == "no_perm" ]]; then
+    fi
-      exit "$((ZENITY_NO | ZENITY_PERM))"
+
+    if [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes" ]]; then
+      exit "$ICFS_DIALOGUE_YES"
+    elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no" ]]; then
+      exit "$ICFS_DIALOGUE_NO"
+    elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes_perm" ]]; then
+      exit "$((ICFS_DIALOGUE_YES | ICFS_DIALOGUE_PERM))"
+    elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no_perm" ]]; then
+      exit "$((ICFS_DIALOGUE_NO | ICFS_DIALOGUE_PERM))"
     fi
   fi
 fi
 
-exit 255 # TODO: call actual zenity here
+exit 255 # TODO: call actual icfs_dialogue here

test/test.bash

@@ -9,6 +9,13 @@ touch ./protected/do-not-remove ./protected/should-be-removed ./protected/truth
 chmod 777 ./protected/perm777 ./protected/perm000
 echo "Free code, free world." >./protected/motto
 
+mkdir protected/haystack
+for i in {1..10}; do
+  touch "./protected/haystack/hay$i"
+done
+touch ./protected/haystack/needle
+echo "Liberty in every line." >./protected/haystack/needle
+
 rm -rf ./openers
 mkdir openers
 make -C ./opener || (
@@ -151,9 +158,22 @@ openers/symlinked_opener2 ./protected/motto >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: openers/symlinked_opener2 can read protected/motto despite access being denied!" ||
   echo "[ICFS-TEST]: OK" # EACCESS
 
+# test permission globbing
+
+icfs_dialogue --set-fake-response yes_perm
+icfs_dialogue --set-fake-response-filename "/"
+grep 'Liberty' ./protected/haystack/needle >/dev/null &&
+  echo "[ICFS-TEST]: OK" ||
+  echo "[ICFS-TEST]: grep cannot read protected/motto despite access being permitted!" # OK
+
+icfs_dialogue --set-fake-response no # this should be ignored
+grep "Liberty" ./protected/haystack/* >/dev/null &&
+  echo "[ICFS-TEST]: OK" ||
+  echo "[ICFS-TEST]: grep cannot read protected/motto despite access being permitted!" # OK
+
 # test database access
 if [[ -r "./.pt.db" || -w "./.pt.db" ]]; then
-  echo "[ICFS-TEST]: permanent permissions is accessible!"
+  echo "[ICFS-TEST]: permanent permissions database is accessible!"
 else
   echo "[ICFS-TEST]: OK"
 fi