flatpak: Add a way to revoke privileges for exported documents

This adds --forbid-read, --forbid-write, --forbid-delete and
--forbid-grant-permission options to flatpak's document-export
command, to let it revoke permissions on exported documents.
Matthias Clasen
2016-06-10 15:57:45 -04:00
parent 528b1f8e29
commit 8281e614ce
2 changed files with 84 additions and 12 deletions


@@ -37,21 +37,31 @@
#include "flatpak-run.h"
static gboolean opt_unique = FALSE;
static gboolean opt_allow_write = FALSE;
static gboolean opt_allow_delete = FALSE;
static gboolean opt_transient = FALSE;
static gboolean opt_noexist = FALSE;
static gboolean opt_allow_read = TRUE;
static gboolean opt_forbid_read = FALSE;
static gboolean opt_allow_write = FALSE;
static gboolean opt_forbid_write = FALSE;
static gboolean opt_allow_delete = FALSE;
static gboolean opt_forbid_delete = FALSE;
static gboolean opt_allow_grant_permissions = FALSE;
static gboolean opt_forbid_grant_permissions = FALSE;
static char **opt_apps = NULL;
static GOptionEntry options[] = {
{ "unique", 'u', 0, G_OPTION_ARG_NONE, &opt_unique, "Create a unique document reference", NULL },
{ "transient", 't', 0, G_OPTION_ARG_NONE, &opt_transient, "Make the document transient for the current session", NULL },
{ "noexist", 'n', 0, G_OPTION_ARG_NONE, &opt_noexist, "Don't require the file to exist already", NULL },
{ "allow-read", 'r', 0, G_OPTION_ARG_NONE, &opt_allow_read, "Give the app read permissions", NULL },
{ "allow-write", 'w', 0, G_OPTION_ARG_NONE, &opt_allow_write, "Give the app write permissions", NULL },
{ "allow-delete", 'd', 0, G_OPTION_ARG_NONE, &opt_allow_delete, "Give the app permissions to delete the document id", NULL },
{ "allow-grant-permission", 'd', 0, G_OPTION_ARG_NONE, &opt_allow_grant_permissions, "Give the app permissions to grant furthern permissions", NULL },
{ "app", 'a', 0, G_OPTION_ARG_STRING_ARRAY, &opt_apps, "Add permissions for this app", NULL },
{ "allow-delete", 'd', 0, G_OPTION_ARG_NONE, &opt_allow_delete, "Give the app delete permissions", NULL },
{ "allow-grant-permission", 'g', 0, G_OPTION_ARG_NONE, &opt_allow_grant_permissions, "Give the app permissions to grant further permissions", NULL },
{ "forbid-read", 0, 0, G_OPTION_ARG_NONE, &opt_forbid_read, "Revoke read permissions of the app", NULL },
{ "forbid-write", 0, 0, G_OPTION_ARG_NONE, &opt_forbid_write, "Revoke write permissions of the app", NULL },
{ "forbid-delete", 0, 0, G_OPTION_ARG_NONE, &opt_forbid_delete, "Revoke delete permissions of the app", NULL },
{ "forbid-grant-permission", 0, 0, G_OPTION_ARG_NONE, &opt_forbid_grant_permissions, "Revoke the permission to grant further permissions", NULL },
{ "app", 'a', 0, G_OPTION_ARG_STRING_ARRAY, &opt_apps, "Add permissions for this app", "APPID" },
{ NULL }
};
@@ -64,6 +74,7 @@ flatpak_builtin_document_export (int argc, char **argv,
g_autoptr(GVariant) reply = NULL;
g_autoptr(GDBusConnection) session_bus = NULL;
g_autoptr(GPtrArray) permissions = NULL;
g_autoptr(GPtrArray) revocations = NULL;
const char *file;
g_autofree char *mountpoint = NULL;
g_autofree char *basename = NULL;
@@ -157,8 +168,8 @@ flatpak_builtin_document_export (int argc, char **argv,
g_variant_get (reply, "(&s)", &doc_id);
permissions = g_ptr_array_new ();
g_ptr_array_add (permissions, "read");
if (opt_allow_read)
g_ptr_array_add (permissions, "read");
if (opt_allow_write)
g_ptr_array_add (permissions, "write");
if (opt_allow_delete)
@@ -167,6 +178,17 @@ flatpak_builtin_document_export (int argc, char **argv,
g_ptr_array_add (permissions, "grant-permissions");
g_ptr_array_add (permissions, NULL);
revocations = g_ptr_array_new ();
if (opt_forbid_read)
g_ptr_array_add (revocations, "read");
if (opt_forbid_write)
g_ptr_array_add (revocations, "write");
if (opt_forbid_delete)
g_ptr_array_add (revocations, "delete");
if (opt_forbid_grant_permissions)
g_ptr_array_add (revocations, "grant-permissions");
g_ptr_array_add (revocations, NULL);
for (i = 0; opt_apps != NULL && opt_apps[i] != NULL; i++)
{
if (!xdp_dbus_documents_call_grant_permissions_sync (documents,
@@ -177,6 +199,13 @@ flatpak_builtin_document_export (int argc, char **argv,
error))
return FALSE;
if (!xdp_dbus_documents_call_revoke_permissions_sync (documents,
doc_id,
opt_apps[i],
(const char **) revocations->pdata,
NULL,
error))
return FALSE;
}
doc_path = g_build_filename (mountpoint, doc_id, basename, NULL);
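Review bot: The revocation list built at `revocations = g_ptr_array_new ();` is silently discarded when no --app is given, because the loop `for (i = 0; opt_apps != NULL && opt_apps[i] != NULL; i++)` never runs, so `document-export --forbid-write FILE` exits successfully while nothing is revoked; a guard before the loop, `if (opt_apps == NULL && (opt_forbid_read || opt_forbid_write || opt_forbid_delete || opt_forbid_grant_permissions)) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "--forbid-* options require --app"); return FALSE; }`, would turn that into a visible failure. Since opt_allow_read defaults to TRUE and a G_OPTION_ARG_NONE flag cannot be cleared from the command line, every invocation grants "read" first and `--forbid-read` only works because the revoke call is issued after the grant; that ordering deserves a comment above `xdp_dbus_documents_call_revoke_permissions_sync`, e.g. `/* Revocations are sent after grants so --forbid-* overrides the (defaulted) --allow-* flags. */`. The revoke call is also made when revocations holds only the NULL terminator, which is presumably harmless but a needless D-Bus round trip; skipping it when `revocations->len == 1` would avoid that. flatpak_builtin_document_export begins before this hunk and continues after it.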


@@ -47,8 +47,8 @@
<para>
This command also lets you modify the per-application
permissions of the documents, granting access to the
file on a per-application basis.
permissions of the documents, granting or revoking access
to the file on a per-application basis.
</para>
</refsect1>
@@ -91,6 +91,24 @@
<listitem><para>
Grant read access to the specified application.
This option can be used multiple times.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--allow-read</option></term>
<listitem><para>
Grant read access to the applications specified with --app.
This defaults to TRUE.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--forbid-read</option></term>
<listitem><para>
Revoke read access for the applications specified with --app.
</para></listitem>
</varlistentry>
@@ -98,7 +116,15 @@
<term><option>--allow-write</option></term>
<listitem><para>
Also grant write access to the applications specified with --app.
Grant write access to the applications specified with --app.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--forbid-write</option></term>
<listitem><para>
Revoke write access for the applications specified with --app.
</para></listitem>
</varlistentry>
@@ -106,7 +132,15 @@
<term><option>--allow-delete</option></term>
<listitem><para>
Also grant the ability to delete a document id to the applications specified with --app.
Grant the ability to delete a document id to the applications specified with --app.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--forbid-delete</option></term>
<listitem><para>
Remove the ability to delete a document id from the applications specified with --app.
</para></listitem>
</varlistentry>
@@ -114,7 +148,15 @@
<term><option>--allow-grant-permission</option></term>
<listitem><para>
Also grant the ability further grant permissions to the applications specified with --app.
Grant the ability to grant further permissions to the applications specified with --app.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--forbid-grant-permission</option></term>
<listitem><para>
Revoke the ability to grant further permissions for the applications specified with --app.
</para></listitem>
</varlistentry>
@@ -160,3 +202,4 @@
</refsect1>
</refentry>