commit d09716535c4c4bc66f0d7c84a98e4cc5a5893b84 from: Omar Polo date: Wed Sep 15 09:33:10 2021 UTC add a safe/sandbox mode When enabled with the -S (or --safe) flag, prevent telescope from writing files to the disk. commit - e1ceb4cf5bba4c7ca1bacb584b20798b84273ee9 commit + d09716535c4c4bc66f0d7c84a98e4cc5a5893b84 blob - 462aef66a6475a582a9572f5d70ec2c86469403f blob + e5ce3e0abbc76390d98944ce2b337928f83830b1 --- session.c +++ session.c @@ -121,6 +121,9 @@ save_session(void) char *t; int flags; + if (safe_mode) + return; + ui_send_fs(IMSG_SESSION_START, 0, NULL, 0); TAILQ_FOREACH(tab, &tabshead, tabs) { blob - a77afcdd312bae2d9ae63faf701bd78e6bcd3e19 blob + 3321e7b528831e9b94193625889b449b33b5af06 --- telescope.1 +++ telescope.1 @@ -11,7 +11,7 @@ .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.Dd $Mdocdate: August 27 2021$ +.Dd $Mdocdate: September 15 2021$ .Dt TELESCOPE 1 .Os .Sh NAME @@ -20,7 +20,7 @@ .Sh SYNOPSIS .Nm .Bk -words -.Op Fl Chnv +.Op Fl ChnSv .Op Fl c Pa config .Op Ar URL .Ek @@ -46,6 +46,13 @@ Display version and usage. .It Fl n Configtest mode. Only check the configuration file for validity. +.It Fl S , Fl -safe +.Dq Safe +.Pq or Dq sandbox +mode. +Prevent +.Nm +from writing files to the disk. .It Fl v , Fl -version Display version. .El blob - 7653cf0d28c70cb202dff74ff97aad34984ee4a9 blob + baf14a1a8dd8bbe8b1b9ff36a544b826d524ea30 --- telescope.c +++ telescope.c @@ -37,17 +37,24 @@ static struct option longopts[] = { {"colors", no_argument, NULL, 'c'}, {"help", no_argument, NULL, 'h'}, + {"safe", no_argument, NULL, 'S'}, {"version", no_argument, NULL, 'v'}, {NULL, 0, NULL, 0}, }; -static const char *opts = "Cc:hnT:v"; +static const char *opts = "Cc:hnST:v"; /* * Used to know when we're finished loading. */ int operating; +/* + * "Safe" (or "sandobox") mode. If enabled, Telescope shouldn't write + * anything to the filesystem or execute external programs. + */ +int safe_mode; + static struct imsgev *iev_fs, *iev_net; struct tabshead tabshead = TAILQ_HEAD_INITIALIZER(tabshead); @@ -268,8 +275,11 @@ handle_check_cert_user_choice(int accept, struct tab * tofu_temp_trust(&certs, tab->uri.host, tab->uri.port, tab->cert); - ui_yornp("Save the new certificate?", - handle_maybe_save_new_cert, tab); + if (!safe_mode) + ui_yornp("Save the new certificate?", + handle_maybe_save_new_cert, tab); + else + message("Certificate temporarly trusted"); } else { free(tab->cert); tab->cert = NULL; @@ -383,8 +393,9 @@ handle_imsg_got_meta(struct imsg *imsg, size_t datalen } else { load_page_from_str(tab, err_pages[UNKNOWN_TYPE_OR_CSET]); - ui_yornp("Can't display page, save it?", - handle_maybe_save_page, tab); + if (!safe_mode) + ui_yornp("Can't display page, save it?", + handle_maybe_save_page, tab); } } else if (tab->code < 40) { /* 3x */ tab->redirect_count++; @@ -1035,7 +1046,7 @@ ui_send_fs(int type, uint32_t peerid, const void *data static void __attribute__((noreturn)) usage(int r) { - fprintf(stderr, "USAGE: %s [-hnv] [-c config] [url]\n", + fprintf(stderr, "USAGE: %s [-hnSv] [-c config] [url]\n", getprogname()); fprintf(stderr, "version: " PACKAGE " " VERSION "\n"); exit(r); @@ -1079,6 +1090,9 @@ main(int argc, char * const *argv) break; case 'h': usage(0); + case 'S': + safe_mode = 1; + break; case 'T': switch (*optarg) { case 'f': blob - ffbff0e490391c6f58a3e547e73b66863c2d13eb blob + ef98398b3626a915b01006ff3723470452943613 --- telescope.h +++ telescope.h @@ -321,6 +321,7 @@ void sandbox_fs_process(void); /* telescope.c */ extern int operating; +extern int safe_mode; void gopher_send_search_req(struct tab *, const char *); void load_url(struct tab *, const char *, const char *, int);