Changed semantics of --no-perm-on-create flag

src/fuse_operations.c

@@ -468,9 +468,11 @@ static int xmp_create(const char *path, mode_t mode,
 
   // fprintf(stderr, "%s, %d\n", path, ask_access(path, pi));
 
-  if (!interactive_access(path, pi, auto_create_perm)) {
+  if (auto_create_perm != 0) {
-    free(pi.name);
+    if (!interactive_access(path, pi, auto_create_perm)) {
-    return -EACCES;
+      free(pi.name);
+      return -EACCES;
+    }
   }
 
   free(pi.name);

src/gui/icfs_dialogue.c

@@ -143,6 +143,9 @@ int main(int argc, char **argv) {
     fprintf(stdout, "icfs_dialogue 1.0.0");
   }
 
+  // disable accessibility features to prevent attacks
+  g_setenv("NO_AT_BRIDGE", "1", TRUE);
+
   // Create a new application
   AdwApplication *app = adw_application_new("de.umbrasolis.icfs_dialogue",
                                             G_APPLICATION_HANDLES_COMMAND_LINE);

src/main.c

@@ -31,11 +31,12 @@ int main(int argc, char *argv[]) {
   if (argc < 3) {
     fprintf(stderr, "Usage: icfs <FUSE arguments> [target directory] [path to "
                     "the permanent permissions database] <ICFS "
-                    "arguments>\n\t--no-perm-on-create - reqire access "
+                    "arguments>\n\t--no-perm-on-create - do not give any "
-                    "permissions to create new files "
+                    "access permissions on file creation"
-                    "(incompatible with --perm-on-create)\n\t--perm-on-create "
+                    "(incompatible with --temp-on-create)\n\t--perm-on-create "
-                    "- give permanent permissions to files a process creates "
+                    "- automatically give permanent access permission to files "
-                    "automatically (incompatible with --no-perm-on-create)\n");
+                    "a process creates "
+                    "(incompatible with --no-perm-on-create)\n");
     return EXIT_FAILURE;
   }
 
@@ -45,11 +46,12 @@ int main(int argc, char *argv[]) {
        0 == strcmp(argv[argc - 1], "--temp-on-create"))) {
     fprintf(stderr, "Usage: icfs <FUSE arguments> [target directory] [path to "
                     "the permanent permissions database] <ICFS "
-                    "arguments>\n\t--no-perm-on-create - reqire access "
+                    "arguments>\n\t--no-perm-on-create - do not give any "
-                    "permissions to create new files"
+                    "access permissions on file creation"
                     "(incompatible with --temp-on-create)\n\t--perm-on-create "
-                    "- give permanent permissions to files a process creates "
+                    "- automatically give permanent access permission to files "
-                    "automatically (incompatible with --no-perm-on-create)\n");
+                    "a process creates "
+                    "(incompatible with --no-perm-on-create)\n");
     return EXIT_FAILURE;
   }
 

test/test.bash

@@ -59,6 +59,8 @@ fi
 
 #valgrind -s ../build/icfs -o default_permissions ./protected &
 
+echo "[ICFS-TEST]: You may see memory errors from valgrind at this stage. This is normal - memory isn't lost, the libfuse just forked the process."
+
 # WARN: please don't use `>` or `>>` operators. They force **this script** to open the file, **not the program you are trying to run**. This is probably not what you mean when you want to test a specific program's access.
 # WARN: avoid using touch, since it generates errors because setting times is not implemented in icfs **yet**.