aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOmar Polo <op@omarpolo.com>2021-09-15 11:33:10 +0200
committerOmar Polo <op@omarpolo.com>2021-09-15 11:33:10 +0200
commitd09716535c4c4bc66f0d7c84a98e4cc5a5893b84 (patch)
tree43dabb5690972a438fcca9d23063f47c2436fc08
parente1ceb4cf5bba4c7ca1bacb584b20798b84273ee9 (diff)
downloadtelescope-d09716535c4c4bc66f0d7c84a98e4cc5a5893b84.tar.gz
telescope-d09716535c4c4bc66f0d7c84a98e4cc5a5893b84.tar.bz2
add a safe/sandbox mode
When enabled with the -S (or --safe) flag, prevent telescope from writing files to the disk.
-rw-r--r--session.c3
-rw-r--r--telescope.111
-rw-r--r--telescope.c26
-rw-r--r--telescope.h1
4 files changed, 33 insertions, 8 deletions
diff --git a/session.c b/session.c
index 462aef6..e5ce3e0 100644
--- a/session.c
+++ b/session.c
@@ -121,6 +121,9 @@ save_session(void)
char *t;
int flags;
+ if (safe_mode)
+ return;
+
ui_send_fs(IMSG_SESSION_START, 0, NULL, 0);
TAILQ_FOREACH(tab, &tabshead, tabs) {
diff --git a/telescope.1 b/telescope.1
index a77afcd..3321e7b 100644
--- a/telescope.1
+++ b/telescope.1
@@ -11,7 +11,7 @@
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: August 27 2021$
+.Dd $Mdocdate: September 15 2021$
.Dt TELESCOPE 1
.Os
.Sh NAME
@@ -20,7 +20,7 @@
.Sh SYNOPSIS
.Nm
.Bk -words
-.Op Fl Chnv
+.Op Fl ChnSv
.Op Fl c Pa config
.Op Ar URL
.Ek
@@ -46,6 +46,13 @@ Display version and usage.
.It Fl n
Configtest mode.
Only check the configuration file for validity.
+.It Fl S , Fl -safe
+.Dq Safe
+.Pq or Dq sandbox
+mode.
+Prevent
+.Nm
+from writing files to the disk.
.It Fl v , Fl -version
Display version.
.El
diff --git a/telescope.c b/telescope.c
index 7653cf0..baf14a1 100644
--- a/telescope.c
+++ b/telescope.c
@@ -37,17 +37,24 @@
static struct option longopts[] = {
{"colors", no_argument, NULL, 'c'},
{"help", no_argument, NULL, 'h'},
+ {"safe", no_argument, NULL, 'S'},
{"version", no_argument, NULL, 'v'},
{NULL, 0, NULL, 0},
};
-static const char *opts = "Cc:hnT:v";
+static const char *opts = "Cc:hnST:v";
/*
* Used to know when we're finished loading.
*/
int operating;
+/*
+ * "Safe" (or "sandobox") mode. If enabled, Telescope shouldn't write
+ * anything to the filesystem or execute external programs.
+ */
+int safe_mode;
+
static struct imsgev *iev_fs, *iev_net;
struct tabshead tabshead = TAILQ_HEAD_INITIALIZER(tabshead);
@@ -268,8 +275,11 @@ handle_check_cert_user_choice(int accept, struct tab *tab)
tofu_temp_trust(&certs, tab->uri.host, tab->uri.port,
tab->cert);
- ui_yornp("Save the new certificate?",
- handle_maybe_save_new_cert, tab);
+ if (!safe_mode)
+ ui_yornp("Save the new certificate?",
+ handle_maybe_save_new_cert, tab);
+ else
+ message("Certificate temporarly trusted");
} else {
free(tab->cert);
tab->cert = NULL;
@@ -383,8 +393,9 @@ handle_imsg_got_meta(struct imsg *imsg, size_t datalen)
} else {
load_page_from_str(tab,
err_pages[UNKNOWN_TYPE_OR_CSET]);
- ui_yornp("Can't display page, save it?",
- handle_maybe_save_page, tab);
+ if (!safe_mode)
+ ui_yornp("Can't display page, save it?",
+ handle_maybe_save_page, tab);
}
} else if (tab->code < 40) { /* 3x */
tab->redirect_count++;
@@ -1035,7 +1046,7 @@ ui_send_fs(int type, uint32_t peerid, const void *data, uint16_t datalen)
static void __attribute__((noreturn))
usage(int r)
{
- fprintf(stderr, "USAGE: %s [-hnv] [-c config] [url]\n",
+ fprintf(stderr, "USAGE: %s [-hnSv] [-c config] [url]\n",
getprogname());
fprintf(stderr, "version: " PACKAGE " " VERSION "\n");
exit(r);
@@ -1079,6 +1090,9 @@ main(int argc, char * const *argv)
break;
case 'h':
usage(0);
+ case 'S':
+ safe_mode = 1;
+ break;
case 'T':
switch (*optarg) {
case 'f':
diff --git a/telescope.h b/telescope.h
index ffbff0e..ef98398 100644
--- a/telescope.h
+++ b/telescope.h
@@ -321,6 +321,7 @@ void sandbox_fs_process(void);
/* telescope.c */
extern int operating;
+extern int safe_mode;
void gopher_send_search_req(struct tab *, const char *);
void load_url(struct tab *, const char *, const char *, int);