some security fixes for fluxbox-remote, and a minor change for the gvim fix
@@ -3,9 +3,10 @@ Changes for 1.0.0:
*07/07/03: * Avoid some problems with tabbed windows and resize increments (Mark) Window.cc WinClient.cc/hh - * Added utility fluxbox-remote, which takes one argument and has fluxbox - execute it just like in the keys file (Mark) - - e.g. fluxbox-remote "CustomMenu ~/.fluxbox/custommenu" + * Added utility fluxbox-remote, which allows script access to most fluxbox + commands; support must be turned on in the init file with + session.screen<N>.allowRemoteActions; the syntax is, e.g., + fluxbox-remote "CustomMenu ~/.fluxbox/custommenu" (Mark) Screen.cc util/fluxbox-remote.cc util/Makefile.am * Update systemtray and KDE dockapps in slit when background changes (Mark) Screen.cc/hh Systemtray.cc Slit.cc FbTk/FbPixmap.cc/hh
@@ -62,7 +62,7 @@
return *s_singleton; } -FbTk::Command *CommandParser::parseLine(const std::string &line) { +FbTk::Command *CommandParser::parseLine(const std::string &line, bool trusted) { // parse arguments and command string command = line;@@ -83,13 +83,14 @@
// we didn't find any matching command in default commands, // so we search in the command creators modules for a // matching command string - return toCommand(command, arguments); + return toCommand(command, arguments, trusted); } -FbTk::Command *CommandParser::toCommand(const std::string &command_str, const std::string &arguments) { +FbTk::Command *CommandParser::toCommand(const std::string &command_str, + const std::string &arguments, bool trusted) { if (m_commandfactorys[command_str] != 0) - return m_commandfactorys[command_str]->stringToCommand(command_str, arguments); + return m_commandfactorys[command_str]->stringToCommand(command_str, arguments, trusted); return 0; }
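Review bot: `toCommand` still looks the factory up with `m_commandfactorys[command_str]`, and `operator[]` on a `std::map` inserts a null entry for every name that is not registered. Now that lines parsed with `trusted == false` reach this function, each unknown command name from a remote client grows the map. A lookup that does not insert avoids this: `CommandFactoryMap::iterator it = m_commandfactorys.find(command_str);` followed by `if (it != m_commandfactorys.end() && it->second != 0) return it->second->stringToCommand(command_str, arguments, trusted);`. The map type is taken from the `CommandFactoryMap` typedef shown in the header hunk.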
@@ -41,7 +41,8 @@ public:
CommandFactory(); virtual ~CommandFactory(); virtual FbTk::Command *stringToCommand(const std::string &command, - const std::string &arguments) = 0; + const std::string &arguments, + bool trusted) = 0; protected: void addCommand(const std::string &value); };@@ -52,7 +53,7 @@ public:
typedef std::map<std::string, CommandFactory *> CommandFactoryMap; /// @return parses and returns a command matching the line - FbTk::Command *parseLine(const std::string &line); + FbTk::Command *parseLine(const std::string &line, bool trusted = true); CommandParser();@@ -70,7 +71,7 @@ void removeAssociation(CommandFactory &factory);
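Review bot: The default `bool trusted = true` on `parseLine` makes the trust decision fail open, because any call site that is not updated, or is added later, silently parses its input as trusted. `toCommand` and `stringToCommand` take the flag without a default, so the public entry point is the only place where it can be forgotten. Dropping the default forces each caller to state where its line came from: `FbTk::Command *parseLine(const std::string &line, bool trusted);`. The existing callers that read the keys or menu files would then pass `true` explicitly.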
/// search for a command in our command factory map FbTk::Command *toCommand(const std::string &command, - const std::string &arguments); + const std::string &arguments, bool trusted); CommandFactoryMap m_commandfactorys; ///< a string to factory map
@@ -173,12 +173,12 @@ addCommand(commands[i]);
} FbTk::Command *FbCommandFactory::stringToCommand(const std::string &command, - const std::string &arguments) { + const std::string &arguments, bool trusted) { using namespace FbCommands; // // WM commands // - if (command == "restart") + if (command == "restart" && trusted) return new RestartFluxboxCmd(arguments); else if (command == "reconfigure" || command == "reconfig") return new ReconfigureFluxboxCmd();@@ -190,11 +190,12 @@ else if (command == "keymode")
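Review bot: The `trusted` checks in `stringToCommand` form a denylist. Only `restart`, the `exec` aliases, `setenv`/`export`, `bindkey` and `setresourcevalue` (this hunk and the next two) are refused, so every other command, and any command added later, is reachable from a remote action by default. In the following hunk `exit`/`quit` and `saverc` stay available to untrusted input, which may be intended but is not stated. A single deny-by-default gate at the top of the function would be easier to audit, for example `if (!trusted && !remoteAllowed(command)) return 0;`, where `remoteAllowed` is a new helper holding the explicit list of names safe for remote use. The two styles of check (`&& trusted` in the condition versus `if (!trusted) return 0;` in the body) would then also disappear. The function body continues outside these hunks.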
return new KeyModeCmd(arguments); else if (command == "saverc") return new SaveResources(); - else if (command == "execcommand" || command == "execute" || command == "exec") + else if (command == "execcommand" || command == "execute" || command == "exec") { + if (!trusted) return 0; return new ExecuteCmd(arguments); // execute command on key screen - else if (command == "exit" || command == "quit") + } else if (command == "exit" || command == "quit") return new ExitFluxboxCmd(); - else if (command == "setenv" || command == "export") { + else if ((command == "setenv" || command == "export") && trusted) { string name = arguments; FbTk::StringUtil::removeFirstWhitespace(name);@@ -216,9 +217,9 @@ return new SetModKeyCmd(modkey);
} else if (command == "commanddialog") // run specified fluxbox command return new CommandDialogCmd(); - else if (command == "bindkey") + else if (command == "bindkey" && trusted) return new BindKeyCmd(arguments); - else if (command == "setresourcevalue") { + else if (command == "setresourcevalue" && trusted) { // we need to parse arguments as: // <remove whitespace here><resname><one whitespace><value> string name = arguments;@@ -517,7 +518,7 @@ cmd.erase(second_pos);
} c= FbTk::StringUtil::toLower(cmd); - FbTk::Command* fbcmd= stringToCommand(c,a); + FbTk::Command* fbcmd= stringToCommand(c,a,trusted); if (fbcmd) { FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); macro->add(rfbcmd);@@ -554,7 +555,7 @@ cmd.erase(second_pos);
} c= FbTk::StringUtil::toLower(cmd); - FbTk::Command* fbcmd= stringToCommand(c,a); + FbTk::Command* fbcmd= stringToCommand(c,a,trusted); if (fbcmd) { FbTk::RefCount<FbTk::Command> rfbcmd(fbcmd); macro->add(rfbcmd);
@@ -27,7 +27,7 @@
class FbCommandFactory: public CommandFactory { public: FbTk::Command *stringToCommand(const std::string &command, - const std::string &arguments); + const std::string &arguments, bool trusted); private: FbCommandFactory();
@@ -326,6 +326,7 @@ scrname+".overlay.capStyle",
altscrname+".overlay.CapStyle"), scroll_action(rm, "", scrname+".windowScrollAction", altscrname+".WindowScrollAction"), scroll_reverse(rm, false, scrname+".windowScrollReverse", altscrname+".WindowScrollReverse"), + allow_remote_actions(rm, false, scrname+".allowRemoteActions", altscrname+".AllowRemoteActions"), max_over_tabs(rm, false, scrname+".tabs.maxOver", altscrname+".Tabs.MaxOver"), default_internal_tabs(rm, true /* TODO: autoconf option? */ , scrname+".tabs.intitlebar", altscrname+".Tabs.InTitlebar") {@@ -785,8 +786,8 @@ }
void BScreen::propertyNotify(Atom atom) { static Atom fbcmd_atom = XInternAtom(FbTk::App::instance()->display(), - "_FLUXBOX_COMMAND", False); - if (atom == fbcmd_atom) { + "_FLUXBOX_ACTION", False); + if (allowRemoteActions() && atom == fbcmd_atom) { Atom xa_ret_type; int ret_format; unsigned long ret_nitems, ret_bytes_after;@@ -803,7 +804,7 @@ True, XA_STRING, &xa_ret_type, &ret_format, &ret_nitems,
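Review bot: The trust boundary that the `allowRemoteActions() && atom == fbcmd_atom` test introduces in `propertyNotify` is not documented where it is enforced. In the core X protocol any client connected to the display can change a property on the root window, so enabling the resource gives every such client access to the untrusted command set. I would add a comment above the test, `// _FLUXBOX_ACTION can be set by any client on this display; the line is parsed as untrusted`. The same caveat belongs in the user documentation for `session.screen<N>.allowRemoteActions`. The body of `propertyNotify` continues outside the hunk.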
&ret_bytes_after, (unsigned char **)&str); } - FbTk::RefCount<FbTk::Command> cmd(CommandParser::instance().parseLine(str)); + FbTk::RefCount<FbTk::Command> cmd(CommandParser::instance().parseLine(str, false)); if (cmd.get()) cmd->execute(); XFree(str);
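Review bot: No check of the property read is visible before `parseLine(str, false)`; the hunk starts in the middle of the function, so a check may exist above it. If the read fails, or the property was written with a type other than `XA_STRING`, Xlib returns no data, so `str` can be null. Binding a null pointer to the `const std::string &` parameter is undefined behaviour, and this input is now explicitly untrusted. A guard around the parse and execute would cover it: `if (str != 0 && xa_ret_type == XA_STRING && ret_format == 8) { ... }`, with `XFree(str)` kept inside the non-null branch.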
@@ -149,6 +149,7 @@ inline FollowModel getUserFollowModel() const { return *resource.user_follow_model; }
inline const std::string &getScrollAction() const { return *resource.scroll_action; } inline const bool getScrollReverse() const { return *resource.scroll_reverse; } + inline const bool allowRemoteActions() const { return *resource.allow_remote_actions; } inline const bool getDefaultInternalTabs() const { return *resource.default_internal_tabs; } inline const bool getMaxOverTabs() const { return *resource.max_over_tabs; }@@ -582,6 +583,7 @@ FbTk::Resource<FbTk::GContext::JoinStyle> gc_join_style;
FbTk::Resource<FbTk::GContext::CapStyle> gc_cap_style; FbTk::Resource<std::string> scroll_action; FbTk::Resource<bool> scroll_reverse; + FbTk::Resource<bool> allow_remote_actions; FbTk::Resource<bool> max_over_tabs; FbTk::Resource<bool> default_internal_tabs;
@@ -2564,13 +2564,18 @@
int cx = frame().x(), cy = frame().y(), ignore = 0; unsigned int cw = frame().width(), ch = frame().height(); - // if this is not m_client and m_client has resize_inc, make sure the new - // size would be ok with m_client - if (client != m_client && cr.value_mask & CWWidth && - cr.value_mask & CWHeight && - !m_client->checkSizeHints(cr.width, cr.height)) { - sendConfigureNotify(); - return; + // make sure the new width/height would be ok with all clients, or else they + // could try to resize the window back and forth + if (client != m_client && + cr.value_mask & CWWidth && cr.value_mask & CWHeight) { + ClientList::iterator it = clientList().begin(); + ClientList::iterator it_end = clientList().end(); + for (; it != it_end; ++it) { + if (!m_client->checkSizeHints(cr.width, cr.height)) { + sendConfigureNotify(); + return; + } + } } if (cr.value_mask & CWBorderWidth)
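Review bot: The new loop never dereferences `it`: every iteration calls `m_client->checkSizeHints(cr.width, cr.height)`, so only the current client's hints are tested, once per client. The size hints of the other tabbed clients, which the new comment says are checked, are still ignored. The call presumably should be `(*it)->checkSizeHints(cr.width, cr.height)`, assuming `ClientList` holds `WinClient` pointers (its definition is not in the hunk). The enclosing function starts and ends outside the hunk.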
@@ -40,7 +40,7 @@ perror("error, can't open display.");
return EXIT_FAILURE; } - Atom fbcmd_atom = XInternAtom(disp, "_FLUXBOX_COMMAND", False); + Atom fbcmd_atom = XInternAtom(disp, "_FLUXBOX_ACTION", False); Window root = DefaultRootWindow(disp); char *str = argv[1];