aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/sway/security.h2
-rw-r--r--sway/commands/permit.c19
-rw-r--r--sway/security.c20
3 files changed, 22 insertions, 19 deletions
diff --git a/include/sway/security.h b/include/sway/security.h
index d60f264a..0edffdfa 100644
--- a/include/sway/security.h
+++ b/include/sway/security.h
@@ -7,6 +7,8 @@ uint32_t get_feature_policy_mask(pid_t pid);
uint32_t get_ipc_policy_mask(pid_t pid);
uint32_t get_command_policy_mask(const char *cmd);
+struct feature_policy *get_feature_policy(const char *name);
+
const char *command_policy_str(enum command_context context);
struct feature_policy *alloc_feature_policy(const char *program);
diff --git a/sway/commands/permit.c b/sway/commands/permit.c
index 4a78ef0d..c55f46d8 100644
--- a/sway/commands/permit.c
+++ b/sway/commands/permit.c
@@ -38,25 +38,6 @@ static enum secure_feature get_features(int argc, char **argv,
return features;
}
-static struct feature_policy *get_feature_policy(const char *name) {
- struct feature_policy *policy = NULL;
- for (int i = 0; i < config->feature_policies->length; ++i) {
- struct feature_policy *p = config->feature_policies->items[i];
- if (strcmp(p->program, name) == 0) {
- policy = p;
- break;
- }
- }
- if (!policy) {
- policy = alloc_feature_policy(name);
- if (!policy) {
- sway_abort("Unable to allocate security policy");
- }
- list_add(config->feature_policies, policy);
- }
- return policy;
-}
-
struct cmd_results *cmd_permit(int argc, char **argv) {
struct cmd_results *error = NULL;
if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) {
diff --git a/sway/security.c b/sway/security.c
index 5b762b07..96af2b88 100644
--- a/sway/security.c
+++ b/sway/security.c
@@ -94,6 +94,26 @@ static const char *get_pid_exe(pid_t pid) {
return link;
}
+struct feature_policy *get_feature_policy(const char *name) {
+ struct feature_policy *policy = NULL;
+
+ for (int i = 0; i < config->feature_policies->length; ++i) {
+ struct feature_policy *p = config->feature_policies->items[i];
+ if (strcmp(p->program, name) == 0) {
+ policy = p;
+ break;
+ }
+ }
+ if (!policy) {
+ policy = alloc_feature_policy(name);
+ if (!policy) {
+ sway_abort("Unable to allocate security policy");
+ }
+ list_add(config->feature_policies, policy);
+ }
+ return policy;
+}
+
uint32_t get_feature_policy_mask(pid_t pid) {
uint32_t default_policy = 0;
const char *link = get_pid_exe(pid);