Handle IPC security targets which are symlinks

swaywm · Apr 14, 2017 · 46c7f6b · 46c7f6b
1 parent 8cfd2d4
commit 46c7f6b
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 4 deletions.
diff --git a/sway/commands/permit.c b/sway/commands/permit.c
@@ -2,6 +2,7 @@
 #include "sway/commands.h"
 #include "sway/config.h"
 #include "sway/security.h"
+#include "util.h"
 #include "log.h"
 
 static enum secure_feature get_features(int argc, char **argv,
@@ -40,20 +41,22 @@ static enum secure_feature get_features(int argc, char **argv,
 
 static struct feature_policy *get_policy(const char *name) {
 	struct feature_policy *policy = NULL;
+	char* rname = resolve_path(name);
 	for (int i = 0; i < config->feature_policies->length; ++i) {
 		struct feature_policy *p = config->feature_policies->items[i];
-		if (strcmp(p->program, name) == 0) {
+		if (strcmp(p->program, rname) == 0) {
 			policy = p;
 			break;
 		}
 	}
 	if (!policy) {
-		policy = alloc_feature_policy(name);
+		policy = alloc_feature_policy(rname);
 		if (!policy) {
 			sway_abort("Unable to allocate security policy");
 		}
 		list_add(config->feature_policies, policy);
 	}
+	free(rname);
 	return policy;
 }
 

diff --git a/sway/security.c b/sway/security.c
@@ -4,10 +4,15 @@
 #include <stdio.h>
 #include "sway/config.h"
 #include "sway/security.h"
+#include "util.h"
 #include "log.h"
 
 struct feature_policy *alloc_feature_policy(const char *program) {
 	uint32_t default_policy = 0;
+	char* rname = resolve_path(program);
+	if(!rname) {
+		return NULL;
+	}
 	for (int i = 0; i < config->feature_policies->length; ++i) {
 		struct feature_policy *policy = config->feature_policies->items[i];
 		if (strcmp(policy->program, "*") == 0) {
@@ -20,17 +25,23 @@ struct feature_policy *alloc_feature_policy(const char *program) {
 	if (!policy) {
 		return NULL;
 	}
-	policy->program = strdup(program);
+	policy->program = strdup(rname);
 	if (!policy->program) {
+		free(rname);
 		free(policy);
 		return NULL;
 	}
 	policy->features = default_policy;
+	free(rname);
 	return policy;
 }
 
 struct ipc_policy *alloc_ipc_policy(const char *program) {
 	uint32_t default_policy = 0;
+	char* rname = resolve_path(program);
+	if (!rname) {
+		return NULL;
+	}
 	for (int i = 0; i < config->ipc_policies->length; ++i) {
 		struct ipc_policy *policy = config->ipc_policies->items[i];
 		if (strcmp(policy->program, "*") == 0) {
@@ -43,12 +54,14 @@ struct ipc_policy *alloc_ipc_policy(const char *program) {
 	if (!policy) {
 		return NULL;
 	}
-	policy->program = strdup(program);
+	policy->program = strdup(rname);
 	if (!policy->program) {
+		free(rname);
 		free(policy);
 		return NULL;
 	}
 	policy->features = default_policy;
+	free(rname);
 	return policy;
 }