Updated readme

README.md

@@ -26,7 +26,8 @@ Traditional access control mechanisms in operating systems allow the same level
 
 ## Installation
 
-Currently, there is no installer implemented.
+- `make install`
+- Uninstall with `make uninstall`
 
 ## Usage
 
@@ -34,7 +35,7 @@ Currently, there is no installer implemented.
 icfs <FUSE arguments> [target directory] [path to permanent permission database]
 ```
 
-The filesystem will be mounted over the target directory, and ask user permission every time a file in that directory is opened. We highly recommend adding `-o default_permissions` to increase performance and add an additional security layer.
+The filesystem will be mounted over the target directory, and ask user permission every time a file in that directory is opened. We highly recommend adding `-o default_permissions` to increase performance and add an additional security layer. If you have installed icfs along with `/etc/icfs` folder, you can create your permanent permission databases in this folder (you might want to do this, if your home folder does not have the "execute" permission for other users).
 
 ### Development build
 

src/gui/icfs_dialogue.c

@@ -7,9 +7,10 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#define YES 0
-#define NO 1
+#define YES 1
+#define NO 0
 #define PERM 2
+#define TEMP 0
 
 int exit_code = 0;
 gboolean is_permanent = false;
@@ -20,7 +21,7 @@ static void positive_response(GtkWindow *window) {
   fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
   exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
                   ? YES | PERM
-                  : YES;
+                  : YES | TEMP;
   gtk_window_close(window);
 }
 
@@ -28,7 +29,7 @@ static void negative_response(GtkWindow *window) {
   fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
   exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
                   ? NO | PERM
-                  : NO;
+                  : NO | TEMP;
   gtk_window_close(window);
 }
 

src/ui-socket.c

@@ -26,9 +26,10 @@
 #include <sys/un.h>
 #include <unistd.h>
 
-#define DIALOGUE_YES 0
-#define DIALOGUE_NO 1
+#define DIALOGUE_YES 1
+#define DIALOGUE_NO 0
 #define DIALOGUE_PERM 2
+#define DIALOGUE_TEMP 0
 
 pthread_mutex_t access_check_mutex = PTHREAD_MUTEX_INITIALIZER;
 
@@ -146,7 +147,7 @@ struct dialogue_response ask_access(const char *filename,
 
   if (dialogue_exit_code == (DIALOGUE_YES | DIALOGUE_PERM)) {
     response.decision = ALLOW;
-  } else if (dialogue_exit_code == DIALOGUE_YES) {
+  } else if (dialogue_exit_code == DIALOGUE_YES | DIALOGUE_TEMP) {
     response.decision = ALLOW_TEMP;
   } else if (dialogue_exit_code == (DIALOGUE_NO | DIALOGUE_PERM)) {
     response.decision = DENY;

test/mock/icfs_dialogue

@@ -2,9 +2,10 @@
 
 # fake-icfs_dialogue: script that mocks the behavior of icfs_dialogue based on the ./.fake-icfs_dialogue-response file
 
-ICFS_DIALOGUE_YES=0
-ICFS_DIALOGUE_NO=1
+ICFS_DIALOGUE_YES=1
+ICFS_DIALOGUE_NO=0
 ICFS_DIALOGUE_PERM=2
+ICFS_DIALOGUE_TEMP=0
 
 if [[ $1 == "--set-fake-response" ]]; then
   #someone knows we are fake :)
@@ -27,9 +28,9 @@ else
     fi
 
     if [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes" ]]; then
-      exit "$ICFS_DIALOGUE_YES"
+      exit "$((ICFS_DIALOGUE_YES | ICFS_DIALOGUE_TEMP))"
     elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no" ]]; then
-      exit "$ICFS_DIALOGUE_NO"
+      exit "$((ICFS_DIALOGUE_NO | ICFS_DIALOGUE_TEMP))"
     elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes_perm" ]]; then
       exit "$((ICFS_DIALOGUE_YES | ICFS_DIALOGUE_PERM))"
     elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no_perm" ]]; then