Switch to exile.h

This commit is contained in:
Albert S. 2021-12-26 18:21:48 +01:00
parent b1f3e95622
commit 88ee2383f7
6 changed files with 19 additions and 21 deletions

6
.gitmodules vendored
View File

@ -1,3 +1,3 @@
[submodule "submodules/qssb.h"]
path = submodules/qssb.h
url = https://gitea.quitesimple.org/crtxcr/qssb.h
[submodule "submodules/exile.h"]
path = submodules/exile.h
url = https://gitea.quitesimple.org/crtxcr/exile.h

View File

@ -8,7 +8,7 @@
#include "nothingprocessor.h"
#include "odtprocessor.h"
#include "odsprocessor.h"
#include "../submodules/qssb.h/qssb.h"
#include "../submodules/exile.h/exile.h"
#include "logger.h"
static DefaultTextProcessor *defaultTextProcessor = new DefaultTextProcessor();
@ -26,26 +26,26 @@ static QMap<QString, Processor *> processors{
void SandboxedProcessor::enableSandbox(QString readablePath)
{
struct qssb_policy *policy = qssb_init_policy();
struct exile_policy *policy = exile_init_policy();
policy->namespace_options = QSSB_UNSHARE_NETWORK | QSSB_UNSHARE_USER;
policy->namespace_options = EXILE_UNSHARE_NETWORK | EXILE_UNSHARE_USER;
if(!readablePath.isEmpty())
{
std::string readablePathLocation = readablePath.toStdString();
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ, readablePathLocation.c_str());
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ, readablePathLocation.c_str());
}
else
{
policy->no_fs = 1;
}
int ret = qssb_enable_policy(policy);
int ret = exile_enable_policy(policy);
if(ret != 0)
{
qDebug() << "Failed to establish sandbox: " << ret;
exit(EXIT_FAILURE);
}
qssb_free_policy(policy);
exile_free_policy(policy);
}
void SandboxedProcessor::printResults(const QVector<PageData> &pageData)

View File

@ -8,7 +8,7 @@
#include "searchresult.h"
#include "pdfpreview.h"
#include "../shared/common.h"
#include "../submodules/qssb.h/qssb.h"
#include "../submodules/exile.h/exile.h"
#include "ipcserver.h"
int main(int argc, char *argv[])
@ -41,25 +41,23 @@ int main(int argc, char *argv[])
QMessageBox::critical(nullptr, "Error", errorMsg);
}
struct qssb_policy *policy = qssb_init_policy();
struct exile_policy *policy = exile_init_policy();
std::string appDataLocation = QStandardPaths::writableLocation(QStandardPaths::AppLocalDataLocation).toStdString();
std::string cacheDataLocation = QStandardPaths::writableLocation(QStandardPaths::CacheLocation).toStdString();
std::string sockPath = socketPath.toStdString();
policy->namespace_options = QSSB_UNSHARE_NETWORK | QSSB_UNSHARE_USER;
policy->namespace_options = EXILE_UNSHARE_NETWORK | EXILE_UNSHARE_USER;
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ | QSSB_FS_ALLOW_REMOVE_FILE, "/");
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ | QSSB_FS_ALLOW_REMOVE_FILE | QSSB_FS_ALLOW_WRITE,
appDataLocation.c_str());
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ | QSSB_FS_ALLOW_REMOVE_FILE | QSSB_FS_ALLOW_WRITE,
cacheDataLocation.c_str());
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_REMOVE_FILE, "/");
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, appDataLocation.c_str());
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, cacheDataLocation.c_str());
int ret = qssb_enable_policy(policy);
int ret = exile_enable_policy(policy);
if(ret != 0)
{
qDebug() << "Failed to establish sandbox";
return 1;
}
qssb_free_policy(policy);
exile_free_policy(policy);
Common::setupAppInfo();
QApplication a(argc, argv);

View File

@ -13,7 +13,7 @@ TEMPLATE = lib
CONFIG += staticlib
CONFIG += c++17
INCLUDEPATH += $$PWD/../sandbox/qssb.h/
INCLUDEPATH += $$PWD/../sandbox/exile.h/
# The following define makes your compiler emit warnings if you use
# any feature of Qt which has been marked as deprecated (the exact warnings

1
submodules/exile.h Submodule

@ -0,0 +1 @@
Subproject commit d742397b522eb91513bab54a3aa992dfb7121462

@ -1 +0,0 @@
Subproject commit 692c9b54b7b5fdca6a416d91d3f34d15af185c33