shared/gui: Add LOOQS_DISABLE_SANDBOX env to allow disabling sandboxing

Mainly for devs to check whether a problem is caused by sandboxing.

HACKING.md

@@ -12,6 +12,8 @@ The architecture ensures that the parsing of documents and the preview generatio
 
 Qt code is considered trusted in this model. While one may critize this, it was the only practical solution. looqs uses its serialization mechanism and other classes to communicate between the non-sandboxed GUI process and the sandboxed processes. 
 
+Set the enviornment variable `LOOQS_DISABLE_SANDBOX=1` to disable sandboxing. It's intended for troublehshooting.
+
 ## Database
 The heart is sqlite, with the FTS5 extensions behind the full-text search. I definitly did not
 want to run some heavy Java based solutions. I explored other options like Postgresql, I've discard them due to some limitations back then.

gui/main.cpp

@@ -23,19 +23,23 @@ void enableIpcSandbox()
 		qCritical() << "Failed to init policy for sandbox";
 		exit(EXIT_FAILURE);
 	}
-	policy->namespace_options = EXILE_UNSHARE_NETWORK | EXILE_UNSHARE_USER;
+	policy->namespace_options = EXILE_UNSHARE_USER | EXILE_UNSHARE_MOUNT | EXILE_UNSHARE_NETWORK;
 	policy->no_new_privs = 1;
 	policy->drop_caps = 1;
 	policy->vow_promises =
 		exile_vows_from_str("thread cpath wpath rpath unix stdio prot_exec proc shm fsnotify ioctl error");
+	policy->mount_path_policies_to_chroot = 1;
 
 	QString ipcSocketPath = Common::ipcSocketPath();
 	QFileInfo info{ipcSocketPath};
 	QString ipcSocketPathDir = info.absolutePath();
 	std::string stdIpcSocketPath = ipcSocketPathDir.toStdString();
 
-	exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ, "/");
-	exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, stdIpcSocketPath.c_str());
+	/* ALLOW_EXEC is needed for fallback, not in landlock mode. It does not allow executing anything though here
+	 * due to the vows */
+	exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_EXEC, "/");
+	exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE | EXILE_FS_ALLOW_EXEC,
+							   stdIpcSocketPath.c_str());
 	int ret = exile_enable_policy(policy);
 	if(ret != 0)
 	{
@@ -54,14 +58,21 @@ int main(int argc, char *argv[])
 		if(arg == "ipc")
 		{
 			Common::setupAppInfo();
-			enableIpcSandbox();
+			if(Common::noSandboxModeRequested())
+			{
+				qInfo() << "Launching with no sandbox!" << Qt::endl;
+			}
+			else
+			{
+				enableIpcSandbox();
+			}
 			QApplication a(argc, argv);
 
 			IpcServer *ipcserver = new IpcServer();
 			qDebug() << "Launching IPC Server";
 			if(!ipcserver->startSpawner(socketPath))
 			{
-				qCritical() << "Error failed to spawn";
+				qCritical() << "Error failed to spawn" << Qt::endl;
 				return 1;
 			}
 			qDebug() << "Launched IPC Server";

shared/common.cpp

@@ -157,6 +157,16 @@ QString Common::databasePath()
 	return env;
 }
 
+bool Common::noSandboxModeRequested()
+{
+	QString env = getenv("LOOQS_DISABLE_SANDBOX");
+	if(env == "1")
+	{
+		return true;
+	}
+	return false;
+}
+
 QString Common::ipcSocketPath()
 {
 	return "/tmp/.looqs/looqs-ipc-socket";

shared/common.h

@@ -15,6 +15,7 @@ QStringList excludedPaths();
 QStringList mountPaths();
 bool isTextFile(QFileInfo fileInfo);
 bool isMountPath(QString path);
+bool noSandboxModeRequested();
 QString versionText();
 } // namespace Common
 #endif

shared/sandboxedprocessor.cpp

@@ -27,6 +27,11 @@ static QMap<QString, Processor *> processors{
 
 void SandboxedProcessor::enableSandbox(QString readablePath)
 {
+	if(Common::noSandboxModeRequested())
+	{
+		qInfo() << "Sandbox is disabled!" << Qt::endl;
+		return;
+	}
 	struct exile_policy *policy = exile_init_policy();
 	if(policy == NULL)
 	{