diff --git a/include/sway/config.h b/include/sway/config.h index 85605ce4..b3fd6668 100644 --- a/include/sway/config.h +++ b/include/sway/config.h @@ -401,61 +401,6 @@ enum command_context { CONTEXT_ALL = 0xFFFFFFFF, }; -struct command_policy { - char *command; - uint32_t context; -}; - -enum secure_feature { - FEATURE_LOCK = 1 << 0, - FEATURE_PANEL = 1 << 1, - FEATURE_BACKGROUND = 1 << 2, - FEATURE_SCREENSHOT = 1 << 3, - FEATURE_FULLSCREEN = 1 << 4, - FEATURE_KEYBOARD = 1 << 5, - FEATURE_MOUSE = 1 << 6, -}; - -struct feature_policy { - char *program; - uint32_t features; -}; - -enum ipc_feature { - IPC_FEATURE_COMMAND = 1 << 0, - IPC_FEATURE_GET_WORKSPACES = 1 << 1, - IPC_FEATURE_GET_OUTPUTS = 1 << 2, - IPC_FEATURE_GET_TREE = 1 << 3, - IPC_FEATURE_GET_MARKS = 1 << 4, - IPC_FEATURE_GET_BAR_CONFIG = 1 << 5, - IPC_FEATURE_GET_VERSION = 1 << 6, - IPC_FEATURE_GET_INPUTS = 1 << 7, - IPC_FEATURE_EVENT_WORKSPACE = 1 << 8, - IPC_FEATURE_EVENT_OUTPUT = 1 << 9, - IPC_FEATURE_EVENT_MODE = 1 << 10, - IPC_FEATURE_EVENT_WINDOW = 1 << 11, - IPC_FEATURE_EVENT_BINDING = 1 << 12, - IPC_FEATURE_EVENT_INPUT = 1 << 13, - IPC_FEATURE_GET_SEATS = 1 << 14, - - IPC_FEATURE_ALL_COMMANDS = IPC_FEATURE_COMMAND | - IPC_FEATURE_GET_WORKSPACES | IPC_FEATURE_GET_OUTPUTS | - IPC_FEATURE_GET_TREE | IPC_FEATURE_GET_MARKS | - IPC_FEATURE_GET_BAR_CONFIG | IPC_FEATURE_GET_VERSION | - IPC_FEATURE_GET_INPUTS | IPC_FEATURE_GET_SEATS, - IPC_FEATURE_ALL_EVENTS = IPC_FEATURE_EVENT_WORKSPACE | - IPC_FEATURE_EVENT_OUTPUT | IPC_FEATURE_EVENT_MODE | - IPC_FEATURE_EVENT_WINDOW | IPC_FEATURE_EVENT_BINDING | - IPC_FEATURE_EVENT_INPUT, - - IPC_FEATURE_ALL = IPC_FEATURE_ALL_COMMANDS | IPC_FEATURE_ALL_EVENTS, -}; - -struct ipc_policy { - char *program; - uint32_t features; -}; - enum focus_follows_mouse_mode { FOLLOWS_NO, FOLLOWS_YES, @@ -584,11 +529,6 @@ struct sway_config { int32_t floating_minimum_width; int32_t floating_minimum_height; - // Security - list_t *command_policies; - list_t *feature_policies; - list_t *ipc_policies; - // The keysym to keycode translation struct xkb_state *keysym_translation_state; diff --git a/include/sway/security.h b/include/sway/security.h deleted file mode 100644 index 0edffdfa..00000000 --- a/include/sway/security.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _SWAY_SECURITY_H -#define _SWAY_SECURITY_H -#include -#include "sway/config.h" - -uint32_t get_feature_policy_mask(pid_t pid); -uint32_t get_ipc_policy_mask(pid_t pid); -uint32_t get_command_policy_mask(const char *cmd); - -struct feature_policy *get_feature_policy(const char *name); - -const char *command_policy_str(enum command_context context); - -struct feature_policy *alloc_feature_policy(const char *program); -struct ipc_policy *alloc_ipc_policy(const char *program); -struct command_policy *alloc_command_policy(const char *command); - -#endif diff --git a/sway/commands.c b/sway/commands.c index afe05b26..f20a8baa 100644 --- a/sway/commands.c +++ b/sway/commands.c @@ -9,7 +9,6 @@ #include "sway/commands.h" #include "sway/config.h" #include "sway/criteria.h" -#include "sway/security.h" #include "sway/input/input-manager.h" #include "sway/input/seat.h" #include "sway/tree/view.h" @@ -489,28 +488,6 @@ struct cmd_results *config_commands_command(char *exec) { context |= context_names[j].context; } - struct command_policy *policy = NULL; - for (int i = 0; i < config->command_policies->length; ++i) { - struct command_policy *p = config->command_policies->items[i]; - if (strcmp(p->command, cmd) == 0) { - policy = p; - break; - } - } - if (!policy) { - policy = alloc_command_policy(cmd); - if (!sway_assert(policy, "Unable to allocate security policy")) { - results = cmd_results_new(CMD_INVALID, - "Unable to allocate memory"); - goto cleanup; - } - list_add(config->command_policies, policy); - } - policy->context = context; - - sway_log(SWAY_INFO, "Set command policy for %s to %d", - policy->command, policy->context); - results = cmd_results_new(CMD_SUCCESS, NULL); cleanup: diff --git a/sway/config.c b/sway/config.c index fe811d27..bcf8d56f 100644 --- a/sway/config.c +++ b/sway/config.c @@ -154,9 +154,6 @@ void free_config(struct sway_config *config) { list_free(config->no_focus); list_free(config->active_bar_modifiers); list_free_items_and_destroy(config->config_chain); - list_free(config->command_policies); - list_free(config->feature_policies); - list_free(config->ipc_policies); free(config->floating_scroll_up_cmd); free(config->floating_scroll_down_cmd); free(config->floating_scroll_left_cmd); @@ -327,11 +324,6 @@ static void config_defaults(struct sway_config *config) { color_to_rgba(config->border_colors.background, 0xFFFFFFFF); - // Security - if (!(config->command_policies = create_list())) goto cleanup; - if (!(config->feature_policies = create_list())) goto cleanup; - if (!(config->ipc_policies = create_list())) goto cleanup; - // The keysym to keycode translation struct xkb_rule_names rules = {0}; config->keysym_translation_state = diff --git a/sway/ipc-server.c b/sway/ipc-server.c index 5e1cca89..bd9f40bc 100644 --- a/sway/ipc-server.c +++ b/sway/ipc-server.c @@ -47,7 +47,6 @@ struct ipc_client { struct wl_event_source *writable_event_source; struct sway_server *server; int fd; - uint32_t security_policy; enum ipc_command_type subscribed_events; size_t write_buffer_len; size_t write_buffer_size; diff --git a/sway/meson.build b/sway/meson.build index d71846a4..0db45836 100644 --- a/sway/meson.build +++ b/sway/meson.build @@ -6,7 +6,6 @@ sway_sources = files( 'ipc-json.c', 'ipc-server.c', 'main.c', - 'security.c', 'server.c', 'swaynag.c', 'xdg_decoration.c', diff --git a/sway/security.c b/sway/security.c deleted file mode 100644 index 6a00229e..00000000 --- a/sway/security.c +++ /dev/null @@ -1,18 +0,0 @@ -#define _POSIX_C_SOURCE 200809L -#include -#include -#include "sway/security.h" - -struct command_policy *alloc_command_policy(const char *command) { - struct command_policy *policy = malloc(sizeof(struct command_policy)); - if (!policy) { - return NULL; - } - policy->command = strdup(command); - if (!policy->command) { - free(policy); - return NULL; - } - policy->context = 0; - return policy; -}