fedir/ICFS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ICFS/src/ui-socket.c

152 lines
3.9 KiB
C
Raw Blame History

/*
ICFS: Interactively Controlled File System
Copyright (C) 2024-2025 Fedir Kovalov
This program can be distributed under the terms of the GNU GPLv2.
See the file LICENSE.
*/
#include <stddef.h>
#include <sys/types.h>
#include <time.h>
#define _GNU_SOURCE
#include "perm_permissions_table.h"
#include "temp_permissions_table.h"
#include "ui-socket.h"
#include <errno.h>
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>
int init_ui_socket(const char *perm_permissions_db_filename) {
char line[256];
FILE *fp;
if (init_temp_permissions_table()) {
fprintf(stderr, "Could not initialize temporary permissions table.\n");
return 1;
}
if (init_perm_permissions_table(perm_permissions_db_filename)) {
fprintf(stderr, "Could not initialize permanent permissions table.\n");
return 1;
}
// Test if Zenity is installed (get version)
fp = popen("zenity --version", "r");
if (fp == NULL) {
perror("Pipe returned an error");
return 1;
}
while (fgets(line, sizeof(line), fp))
printf("%s", line);
pclose(fp);
return 0;
}
void destroy_ui_socket() {
destroy_temp_permissions_table();
destroy_perm_permissions_table();
}
/**
* Asks the user if the process should be allowed to access the file using the
* GUI
*
* @param filename: The file that the process is trying to access
* @param pi: The process information
* @return: 0 if access is denied, 1 if access is allowed, 2 if access is
* allowed for the runtime of the process
*/
int ask_access(const char *filename, struct process_info pi) {
FILE *fp;
size_t command_len =
139 + sizeof(pid_t) * 8 + strlen(pi.name) + strlen(filename);
char *command = (char *)malloc(command_len);
snprintf(command, command_len,
"zenity --question --extra-button \"Allow this time\" --title "
"\"Allow Access?\" --text \"Allow process "
"<tt>%s</tt> with PID <tt>%d</tt> to access <tt>%s</tt>\"",
pi.name, pi.PID, filename);
// Zenity Question Message Popup
fp = popen(command, "r");
free(command);
if (fp == NULL) {
perror("Pipe returned a error");
return -1;
}
// if the user clicks the "Allow this time" button, `zenity` will only
// write it to `stdout`, but the exit code will still be `1`. So, we need
// to manually check the output.
char buffer[1024];
while (fgets(buffer, sizeof(buffer), fp)) {
printf("%s", buffer);
if (strcmp(buffer, "Allow this time\n") == 0) {
pclose(fp);
return 2;
}
}
int zenity_exit_code = WEXITSTATUS(pclose(fp));
fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
// zenity returns 1 on "No" >:(
if (zenity_exit_code == 0) {
return 1;
}
return 0;
}
/**
* Check access according to:
* 1. temp permission table
* 2. permanent permission table
* 3. user descision
*
* @param filename: The file that the process is trying to access
* @pram pi: The process information
* @param opts: options (GRANT_TEMP, GRANT_PERM)
* @return: 0 if access is denied, 1 if access is allowed
*/
int interactive_access(const char *filename, struct process_info pi, int opts) {
if (check_temp_access(filename, pi) || check_perm_access(filename, pi)) {
// access was already granted before
return 1;
}
// if noth GRANT_TEMP and GRANT_PERM are selected, then only permanent
// permissions are granted
if (opts & GRANT_PERM) {
give_perm_access(filename, pi);
return 1;
}
if (opts & GRANT_TEMP) {
give_temp_access(filename, pi);
return 1;
}
int user_response = ask_access(filename, pi);
if (user_response == 1) {
// user said "yes"
give_perm_access(filename, pi);
return 1;
} else if (user_response == 2) {
// user said "yes, but only this time"
give_temp_access(filename, pi);
return 1;
}
// otherwise "no"
return 0;
}
Reference in New Issue View Git Blame Copy Permalink