commit - e1ceb4cf5bba4c7ca1bacb584b20798b84273ee9
commit + d09716535c4c4bc66f0d7c84a98e4cc5a5893b84
blob - 462aef66a6475a582a9572f5d70ec2c86469403f
blob + e5ce3e0abbc76390d98944ce2b337928f83830b1
--- session.c
+++ session.c
char *t;
int flags;
+ if (safe_mode)
+ return;
+
ui_send_fs(IMSG_SESSION_START, 0, NULL, 0);
TAILQ_FOREACH(tab, &tabshead, tabs) {
blob - a77afcdd312bae2d9ae63faf701bd78e6bcd3e19
blob + 3321e7b528831e9b94193625889b449b33b5af06
--- telescope.1
+++ telescope.1
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: August 27 2021$
+.Dd $Mdocdate: September 15 2021$
.Dt TELESCOPE 1
.Os
.Sh NAME
.Sh SYNOPSIS
.Nm
.Bk -words
-.Op Fl Chnv
+.Op Fl ChnSv
.Op Fl c Pa config
.Op Ar URL
.Ek
.It Fl n
Configtest mode.
Only check the configuration file for validity.
+.It Fl S , Fl -safe
+.Dq Safe
+.Pq or Dq sandbox
+mode.
+Prevent
+.Nm
+from writing files to the disk.
.It Fl v , Fl -version
Display version.
.El
blob - 7653cf0d28c70cb202dff74ff97aad34984ee4a9
blob + baf14a1a8dd8bbe8b1b9ff36a544b826d524ea30
--- telescope.c
+++ telescope.c
static struct option longopts[] = {
{"colors", no_argument, NULL, 'c'},
{"help", no_argument, NULL, 'h'},
+ {"safe", no_argument, NULL, 'S'},
{"version", no_argument, NULL, 'v'},
{NULL, 0, NULL, 0},
};
-static const char *opts = "Cc:hnT:v";
+static const char *opts = "Cc:hnST:v";
/*
* Used to know when we're finished loading.
*/
int operating;
+/*
+ * "Safe" (or "sandobox") mode. If enabled, Telescope shouldn't write
+ * anything to the filesystem or execute external programs.
+ */
+int safe_mode;
+
static struct imsgev *iev_fs, *iev_net;
struct tabshead tabshead = TAILQ_HEAD_INITIALIZER(tabshead);
tofu_temp_trust(&certs, tab->uri.host, tab->uri.port,
tab->cert);
- ui_yornp("Save the new certificate?",
- handle_maybe_save_new_cert, tab);
+ if (!safe_mode)
+ ui_yornp("Save the new certificate?",
+ handle_maybe_save_new_cert, tab);
+ else
+ message("Certificate temporarly trusted");
} else {
free(tab->cert);
tab->cert = NULL;
} else {
load_page_from_str(tab,
err_pages[UNKNOWN_TYPE_OR_CSET]);
- ui_yornp("Can't display page, save it?",
- handle_maybe_save_page, tab);
+ if (!safe_mode)
+ ui_yornp("Can't display page, save it?",
+ handle_maybe_save_page, tab);
}
} else if (tab->code < 40) { /* 3x */
tab->redirect_count++;
static void __attribute__((noreturn))
usage(int r)
{
- fprintf(stderr, "USAGE: %s [-hnv] [-c config] [url]\n",
+ fprintf(stderr, "USAGE: %s [-hnSv] [-c config] [url]\n",
getprogname());
fprintf(stderr, "version: " PACKAGE " " VERSION "\n");
exit(r);
break;
case 'h':
usage(0);
+ case 'S':
+ safe_mode = 1;
+ break;
case 'T':
switch (*optarg) {
case 'f':
blob - ffbff0e490391c6f58a3e547e73b66863c2d13eb
blob + ef98398b3626a915b01006ff3723470452943613
--- telescope.h
+++ telescope.h
/* telescope.c */
extern int operating;
+extern int safe_mode;
void gopher_send_search_req(struct tab *, const char *);
void load_url(struct tab *, const char *, const char *, int);