diff --git a/include/sway/security.h b/include/sway/security.h index d60f264a..0edffdfa 100644 --- a/include/sway/security.h +++ b/include/sway/security.h @@ -7,6 +7,8 @@ uint32_t get_feature_policy_mask(pid_t pid); uint32_t get_ipc_policy_mask(pid_t pid); uint32_t get_command_policy_mask(const char *cmd); +struct feature_policy *get_feature_policy(const char *name); + const char *command_policy_str(enum command_context context); struct feature_policy *alloc_feature_policy(const char *program); diff --git a/sway/commands/permit.c b/sway/commands/permit.c index 4a78ef0d..c55f46d8 100644 --- a/sway/commands/permit.c +++ b/sway/commands/permit.c @@ -38,25 +38,6 @@ static enum secure_feature get_features(int argc, char **argv, return features; } -static struct feature_policy *get_feature_policy(const char *name) { - struct feature_policy *policy = NULL; - for (int i = 0; i < config->feature_policies->length; ++i) { - struct feature_policy *p = config->feature_policies->items[i]; - if (strcmp(p->program, name) == 0) { - policy = p; - break; - } - } - if (!policy) { - policy = alloc_feature_policy(name); - if (!policy) { - sway_abort("Unable to allocate security policy"); - } - list_add(config->feature_policies, policy); - } - return policy; -} - struct cmd_results *cmd_permit(int argc, char **argv) { struct cmd_results *error = NULL; if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { diff --git a/sway/security.c b/sway/security.c index 5b762b07..96af2b88 100644 --- a/sway/security.c +++ b/sway/security.c @@ -94,6 +94,26 @@ static const char *get_pid_exe(pid_t pid) { return link; } +struct feature_policy *get_feature_policy(const char *name) { + struct feature_policy *policy = NULL; + + for (int i = 0; i < config->feature_policies->length; ++i) { + struct feature_policy *p = config->feature_policies->items[i]; + if (strcmp(p->program, name) == 0) { + policy = p; + break; + } + } + if (!policy) { + policy = alloc_feature_policy(name); + if (!policy) { + sway_abort("Unable to allocate security policy"); + } + list_add(config->feature_policies, policy); + } + return policy; +} + uint32_t get_feature_policy_mask(pid_t pid) { uint32_t default_policy = 0; const char *link = get_pid_exe(pid);