gui: Begin basic sandboxing
This commit is contained in:
parent
4dede9538c
commit
ebea074fcb
21
gui/main.cpp
21
gui/main.cpp
@ -1,13 +1,34 @@
|
|||||||
#include <QApplication>
|
#include <QApplication>
|
||||||
#include <QSettings>
|
#include <QSettings>
|
||||||
#include <QMessageBox>
|
#include <QMessageBox>
|
||||||
|
#include <QStandardPaths>
|
||||||
#include "mainwindow.h"
|
#include "mainwindow.h"
|
||||||
#include "searchresult.h"
|
#include "searchresult.h"
|
||||||
#include "pdfpreview.h"
|
#include "pdfpreview.h"
|
||||||
#include "../shared/common.h"
|
#include "../shared/common.h"
|
||||||
|
#include "../submodules/qssb.h/qssb.h"
|
||||||
|
|
||||||
int main(int argc, char *argv[])
|
int main(int argc, char *argv[])
|
||||||
{
|
{
|
||||||
|
struct qssb_policy *policy = qssb_init_policy();
|
||||||
|
std::string appDataLocation = QStandardPaths::writableLocation(QStandardPaths::AppLocalDataLocation).toStdString();
|
||||||
|
std::string cacheDataLocation = QStandardPaths::writableLocation(QStandardPaths::CacheLocation).toStdString();
|
||||||
|
|
||||||
|
policy->namespace_options = QSSB_UNSHARE_NETWORK | QSSB_UNSHARE_USER;
|
||||||
|
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ | QSSB_FS_ALLOW_REMOVE_FILE, "/");
|
||||||
|
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ | QSSB_FS_ALLOW_REMOVE_FILE | QSSB_FS_ALLOW_WRITE,
|
||||||
|
appDataLocation.c_str());
|
||||||
|
qssb_append_path_policy(policy, QSSB_FS_ALLOW_READ | QSSB_FS_ALLOW_REMOVE_FILE | QSSB_FS_ALLOW_WRITE,
|
||||||
|
cacheDataLocation.c_str());
|
||||||
|
|
||||||
|
int ret = qssb_enable_policy(policy);
|
||||||
|
if(ret != 0)
|
||||||
|
{
|
||||||
|
qDebug() << "Failed to establish sandbox";
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
qssb_free_policy(policy);
|
||||||
|
|
||||||
Common::setupAppInfo();
|
Common::setupAppInfo();
|
||||||
QApplication a(argc, argv);
|
QApplication a(argc, argv);
|
||||||
try
|
try
|
||||||
|
Loading…
Reference in New Issue
Block a user