Commits

seydar committed 17bfeb5 Draft Merge

merge

  • Participants
  • Parent commits 3087d35, 95e6874

Comments (0)

Files changed (7)

-FUTURE:
-*   set local variables in config, have them appear in shell
-*   getting the menu to NOT have leading quotes
-*   remove/edit history
-    -> important for removing passwords if accidentally typed
-*   improve library usage of executables
-*   interprocess communication
-    -> sharing of variables between chitin processes
-*   remove trailing whitespace from lines somehow. maybe as a final transformation when you hit enter?
-*   `other_ls = method(:ls)` would be cool. note that ls is mapped to a binary and is not actually a method
-*   pass environment to child processes
-*   tab complete ruby/shell things
-*   post_processing for shell commands
-    -> make it asynchronous and use pipes
+o fill in Runnable#verify_permissions
+o write manifest editor
 
-QUIRKS:
-*   menu doesn't erase itself sometimes
-    -> cat and tabcomplete a file that is empty. output is correct but confusing
-*   does not play nice with GDB if it is called within the bash profile file
+Reading manifest files:
+o read its entry from .manifest
+  -> each entry formatted as "<path>\0<bitmask of permissions>\0"
+  -> permissions are done as a bitmask: 0b0110101001
+         this is for, say, network access ^
+o parse the bitmask
+o return a hash of what's going on
 
-FAILURES:
-*   ^C on running ruby programs kills the whole interpreter... womp.
-*   slashes in filenames
-*   `include Math; sin(5)` fails
+Asking user to confirm:
+o display a numbered list to the user of requested permissions
+o display a numbered list of unrequested permissions
+o wait for user input
+  -> "#a" gives permission to the program for this execution
+  -> "#o" takes permission from the program for this execution
+  -> "<enter>" or "y(es)" proceeds
+  -> "q(uit)" quits
 
-Questions:
-*   Why do you have to do @line = '' in Coolline in order to not affect the
-    history? History calls el.dup which creates a new object. It shouldn't
-    matter if I do @line.clear on the original.
-
-RELEASE
-*   failures
-

File lib/chitin/commands/executable.rb

 module Chitin
   class Executable
+    # this is needed to work in tandem with #method_missing.
+    # this will sweep all inherited methods BUT #[] under the rug.
     __sweep__ :[]
 
     include Runnable
   
       [path, *arr.flatten].join ' '
     end
+
+    def name; path; end
   
   end
 end

File lib/chitin/commands/pipe.rb

       result
     end
 
+    # #verify_permissions does not exist at the instance leve for pipes.
+    # we have to rewrite secure_run and secure_raw_run to take accommodate
+    # them.
+    def secure_run
+      parts.each do |part|
+        part[:verify_permissions, part.name]
+        part[:run]
+      end
+      reset
+  
+      self
+    end
+
+    # see comments of #secure_run
+    def secure_raw_run
+      parts[0..-2].each do |part|
+        part[:verify_permissions, part.name]
+        part[:run]
+      end
+
+      parts.last[:verify_permissions, parts.last[:name]]
+      result = parts.last[:raw_run]
+
+      reset
+  
+      result
+    end
+
     def wait
       parts.each {|part| part[:wait] }
   

File lib/chitin/commands/ruby.rb

     def inspect
       "#<StringMethod #{to_s}>"
     end
+
+    def name
+      :ruby
+    end
   end
 end
 

File lib/chitin/commands/runnable.rb

     def raw_run
       run
     end
+
+    def secure_run
+      verify_permissions
+      run
+    end
+
+    def secure_raw_run
+      verify_permissions
+      raw_run
+    end
+
+    def verify_permissions(name=self.name)
+      # find the manifest file
+      manifest = Manifest.find name
+      # ask user to confirm permissions
+      confirmed_perms = manifest.confirm_permissions name
+      # take the requested permissions
+      #   implement the restrictions according to PinkTrace
+      Sandbox.secure confirmed_perms
+    end
+
+    def name; raise "Not Yet Implemented"; end
   end
 end
 

File lib/chitin/manifests/manifest.rb

+require 'openssl'
+
+module Chitin
+  class Manifest
+
+    def self.register(hash)
+      @@password_hash = hash
+    end
+
+    # retrieve the manifest entry for the name
+    def self.find(name)
+      manifest_path = File.expand_path '.chitin_manifest'
+      manifest      = File.read manifest_path
+      manifest_hmac = manifest_data[0..511]
+      manifest_data = manifest_data[512..-1]
+
+      # verify the authenticity of the file
+      computed_hmac = OpenSSL::HMAC.hexdigest('sha256',
+                                              @@password_hash,
+                                              manifest_data)
+
+      unless computed_hmac == manifest_hmac
+        puts "MANIFEST FILE HAS BEEN TAMPERED WITH"
+        return {}
+      end
+
+      @@data ||= {}
+      @@data[manifest_path] ||= YAML.load manifest_data
+      @@data[manifest_path][name]
+    end
+
+    def initialize
+    end
+  end
+end
+

File lib/chitin/session.rb

         res = [res] unless Array === res
   
         res.each do |res|
-          res[:run]
+          res[:secure_run]
           res[:wait] unless res[:bg]
         end
   
       else # else it's a standard ruby type (or a pipe returning as such)
   
         if Pipe === res || StringMethod === res
-          val = res[:raw_run]
+          val = res[:secure_raw_run]
         else
           val = res
         end