Porovnat revize
5 Commity
c30e09d44d
...
f5eb36e7bb
Autor | SHA1 | Datum | |
---|---|---|---|
f5eb36e7bb | |||
c891b36339 | |||
d17e596563 | |||
761471f243 | |||
9ac0ad0ccd |
13
Makefile
13
Makefile
@ -14,6 +14,7 @@ SOURCES+=$(wildcard handlers/*.cpp)
|
|||||||
SOURCES+=$(wildcard database/*.cpp)
|
SOURCES+=$(wildcard database/*.cpp)
|
||||||
SOURCES+=$(wildcard cache/*.cpp)
|
SOURCES+=$(wildcard cache/*.cpp)
|
||||||
SOURCES+=$(wildcard sandbox/*.cpp)
|
SOURCES+=$(wildcard sandbox/*.cpp)
|
||||||
|
SOURCES+=$(wildcard dynamic/*.cpp)
|
||||||
|
|
||||||
HEADERS=$(wildcard *.h)
|
HEADERS=$(wildcard *.h)
|
||||||
HEADERS+=$(wildcard gateway/*.h)
|
HEADERS+=$(wildcard gateway/*.h)
|
||||||
@ -21,7 +22,7 @@ HEADERS+=$(wildcard handlers/*.h)
|
|||||||
HEADERS+=$(wildcard database/*.h)
|
HEADERS+=$(wildcard database/*.h)
|
||||||
HEADERS+=$(wildcard cache/*.h)
|
HEADERS+=$(wildcard cache/*.h)
|
||||||
HEADERS+=$(wildcard sandbox/*.h)
|
HEADERS+=$(wildcard sandbox/*.h)
|
||||||
|
HEADERS+=$(wildcard dynamic/*.h)
|
||||||
|
|
||||||
OBJECTS=$(patsubst %.cpp, %.o, $(SOURCES))
|
OBJECTS=$(patsubst %.cpp, %.o, $(SOURCES))
|
||||||
WIKIOBJECTS=$(filter-out test.o, $(OBJECTS))
|
WIKIOBJECTS=$(filter-out test.o, $(OBJECTS))
|
||||||
@ -48,8 +49,12 @@ profile: LDFLAGS+= -pg
|
|||||||
release: qswiki
|
release: qswiki
|
||||||
profile: qswiki
|
profile: qswiki
|
||||||
|
|
||||||
qswiki: $(WIKIOBJECTS)
|
|
||||||
$(CXX) $(WIKIOBJECTS) ${LDFLAGS} ${INCLUDEFLAGS} -o qswiki
|
exile.o: submodules/exile.h/exile.c
|
||||||
|
$(CC) -std=c99 -DHAVE_LANDLOCK=0 -c submodules/exile.h/exile.c -o exile.o
|
||||||
|
|
||||||
|
qswiki: $(WIKIOBJECTS) exile.o
|
||||||
|
$(CXX) $(WIKIOBJECTS) exile.o ${LDFLAGS} ${INCLUDEFLAGS} -o qswiki
|
||||||
|
|
||||||
test: $(TESTOBJECTS)
|
test: $(TESTOBJECTS)
|
||||||
$(CXX) $(TESTOBJECTS) ${LDFLAGS} -o test
|
$(CXX) $(TESTOBJECTS) ${LDFLAGS} -o test
|
||||||
@ -63,6 +68,6 @@ gtest: $(GTESTS_TESTDIR)/*.cpp $(GTEST_OBJECTS)
|
|||||||
version.o:version.cpp
|
version.o:version.cpp
|
||||||
$(CXX) ${CXXFLAGS} ${INCLUDEFLAGS} -DGITCOMMIT=\"$(shell git rev-parse --short HEAD)\" -c -o $@ $<
|
$(CXX) ${CXXFLAGS} ${INCLUDEFLAGS} -DGITCOMMIT=\"$(shell git rev-parse --short HEAD)\" -c -o $@ $<
|
||||||
clean:
|
clean:
|
||||||
rm -f $(OBJECTS) $(DEPENDS)
|
rm -f exile.o $(OBJECTS) $(DEPENDS)
|
||||||
|
|
||||||
|
|
||||||
|
@ -12,6 +12,7 @@ std::string DynamicContentPostList::render()
|
|||||||
auto pageDao = this->database->createPageDao();
|
auto pageDao = this->database->createPageDao();
|
||||||
auto revisionDao = this->database->createRevisionDao();
|
auto revisionDao = this->database->createRevisionDao();
|
||||||
QueryOption option;
|
QueryOption option;
|
||||||
|
option.includeInvisible = false;
|
||||||
auto members = categoryDao->fetchMembers(this->catname, option);
|
auto members = categoryDao->fetchMembers(this->catname, option);
|
||||||
std::vector<std::pair<std::string, time_t>> pageList;
|
std::vector<std::pair<std::string, time_t>> pageList;
|
||||||
for(std::string &member : members)
|
for(std::string &member : members)
|
||||||
|
@ -12,18 +12,13 @@
|
|||||||
#include <filesystem>
|
#include <filesystem>
|
||||||
#include <sys/mount.h>
|
#include <sys/mount.h>
|
||||||
#include <sys/capability.h>
|
#include <sys/capability.h>
|
||||||
#define HAVE_LANDLOCK 0
|
#include <exile.hpp>
|
||||||
#include <exile.h>
|
|
||||||
#include "../logger.h"
|
#include "../logger.h"
|
||||||
#include "../utils.h"
|
#include "../utils.h"
|
||||||
#include "../random.h"
|
#include "../random.h"
|
||||||
|
|
||||||
#include "sandbox-linux.h"
|
#include "sandbox-linux.h"
|
||||||
|
|
||||||
/* TODO: make a whitelist approach. So far we simply blacklist
|
|
||||||
* obvious systemcalls. To whitelist, we need to analyse our
|
|
||||||
* dependencies (http library, sqlite wrapper, sqlite lib etc.) */
|
|
||||||
|
|
||||||
bool SandboxLinux::supported()
|
bool SandboxLinux::supported()
|
||||||
{
|
{
|
||||||
std::fstream stream;
|
std::fstream stream;
|
||||||
@ -54,7 +49,7 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
|
|||||||
}
|
}
|
||||||
for(unsigned int i = 0; i < fsPaths.size(); i++)
|
for(unsigned int i = 0; i < fsPaths.size(); i++)
|
||||||
{
|
{
|
||||||
exile_append_path_policy(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, fsPaths[i].c_str());
|
exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, fsPaths[i].c_str());
|
||||||
}
|
}
|
||||||
policy->drop_caps = 1;
|
policy->drop_caps = 1;
|
||||||
policy->not_dumpable = 1;
|
policy->not_dumpable = 1;
|
||||||
@ -66,7 +61,7 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
|
|||||||
|
|
||||||
if(exile_enable_policy(policy) != 0)
|
if(exile_enable_policy(policy) != 0)
|
||||||
{
|
{
|
||||||
Logger::error() << "Sandbox: Activation of seccomp blacklist failed!";
|
Logger::error() << "Sandbox: Activation of exile failed!";
|
||||||
exile_free_policy(policy);
|
exile_free_policy(policy);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -1 +1 @@
|
|||||||
Subproject commit 4824c6eaa9043878daaba7b3778338f5bf913f06
|
Subproject commit f2ca26010a2bb6d9e270d6ade2e8789c02ac3b31
|
1
template/quitesimple/dynamic/postlistbegin
Normální soubor
1
template/quitesimple/dynamic/postlistbegin
Normální soubor
@ -0,0 +1 @@
|
|||||||
|
<ul>
|
1
template/quitesimple/dynamic/postlistend
Normální soubor
1
template/quitesimple/dynamic/postlistend
Normální soubor
@ -0,0 +1 @@
|
|||||||
|
</ul>
|
1
template/quitesimple/dynamic/postlistlink
Normální soubor
1
template/quitesimple/dynamic/postlistlink
Normální soubor
@ -0,0 +1 @@
|
|||||||
|
<li>{date}: <a href="{url}">{title}</a></li>
|
7
template/quitesimple/feeds/atomentry
Normální soubor
7
template/quitesimple/feeds/atomentry
Normální soubor
@ -0,0 +1,7 @@
|
|||||||
|
<entry>
|
||||||
|
<title>{qswiki:var:entrytitle}</title>
|
||||||
|
<link href="{qswiki:var:entryurl}"/>
|
||||||
|
<id>{qswiki:var:entryid}</id>
|
||||||
|
<published>{qswiki:var:entrypublished}</published>
|
||||||
|
<content type="html">{qswiki:var:entrycontent}</content>
|
||||||
|
</entry>
|
1
template/quitesimple/feeds/atomfooter
Normální soubor
1
template/quitesimple/feeds/atomfooter
Normální soubor
@ -0,0 +1 @@
|
|||||||
|
</feed>
|
8
template/quitesimple/feeds/atomheader
Normální soubor
8
template/quitesimple/feeds/atomheader
Normální soubor
@ -0,0 +1,8 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<feed xmlns="http://www.w3.org/2005/Atom">
|
||||||
|
<author>
|
||||||
|
<name>{qswiki:config:wikiownername}</name>
|
||||||
|
</author>
|
||||||
|
<title>{qswiki:config:wikiname} - {qswiki:var:subtitle}</title>
|
||||||
|
<id>{qswiki:var:atomfeeduniqueid}</id>
|
||||||
|
<updated>{qswiki:var:atomfeedupdate}</updated>
|
Načítá se…
Odkázat v novém úkolu
Zablokovat Uživatele