need_vertical_update(), edit_scroll(), and edit_redraw().
Also rename the int refresh in do_delete() and do_backspace()
to do_refresh so as not to conflict with refresh(). (DLR)
+ - Add some comments better explaining what is disabled in
+ restricted mode and why. (DLR)
- files.c:
add_open_file()
- Rearrange the NANO_SMALL #ifdef so that the code to set the
i = do_yesno(FALSE, _("File exists, OVERWRITE ?"));
if (i == 0 || i == -1)
continue;
+ /* If we're using restricted mode, we aren't allowed to
+ * change the name of a file once it has one because that
+ * would allow reading from or writing to files not
+ * specified on the command line. In this case, don't
+ * bother showing the "Different Name" prompt. */
} else if (!ISSET(RESTRICTED) && filename[0] != '\0'
#ifndef NANO_SMALL
&& (exiting || !ISSET(MARK_ISSET))
}
#ifndef NANO_SMALL
- /* Here's where we allow the selected text to be written to
- * a separate file. */
+ /* Here's where we allow the selected text to be written to a
+ * separate file. If we're using restricted mode, this is
+ * disabled since it allows reading from or writing to files not
+ * specified on the command line. */
if (!ISSET(RESTRICTED) && !exiting && ISSET(MARK_ISSET))
i = write_marked(answer, FALSE, append);
else
toggle_init_one(TOGGLE_NOHELP_KEY, toggle_nohelp_msg, NO_HELP);
#ifdef ENABLE_MULTIBUFFER
+ /* If we're using restricted mode, the multibuffer toggle is
+ * disabled. It's useless since inserting files is disabled. */
if (!ISSET(RESTRICTED))
toggle_init_one(TOGGLE_MULTIBUFFER_KEY, toggle_multibuffer_msg, MULTIBUFFER);
#endif
toggle_init_one(TOGGLE_WRAP_KEY, toggle_wrap_msg, NO_WRAP);
#endif
toggle_init_one(TOGGLE_CUTTOEND_KEY, toggle_cuttoend_msg, CUT_TO_END);
+ /* If we're using restricted mode, the suspend toggle is disabled.
+ * It's useless since suspending is disabled. */
if (!ISSET(RESTRICTED))
toggle_init_one(TOGGLE_SUSPEND_KEY, toggle_suspend_msg, SUSPEND);
#ifndef DISABLE_MOUSE
toggle_init_one(TOGGLE_MOUSE_KEY, toggle_mouse_msg, USE_MOUSE);
#endif
+ /* If we're using restricted mode, the no-conversion, DOS format,
+ * Mac format, and backup toggles are disabled. The first, second,
+ * and third are useless since inserting files is disabled, and the
+ * fourth is useless since backups are disabled. */
if (!ISSET(RESTRICTED)) {
toggle_init_one(TOGGLE_NOCONVERT_KEY, toggle_noconvert_msg, NO_CONVERT);
toggle_init_one(TOGGLE_DOS_KEY, toggle_dos_msg, DOS_FILE);
#endif
);
- /* this is so we can view multiple files */
+ /* We allow inserting files in view mode if multibuffers are
+ * available, so that we can view multiple files. */
+ /* If we're using restricted mode, inserting files is disabled since
+ * it allows reading from or writing to files not specified on the
+ * command line. */
/* Translators: try to keep this string under 10 characters long */
sc_init_one(&main_list, NANO_INSERTFILE_KEY, _("Read File"),
IFHELP(nano_insert_msg, NANO_NO_KEY), NANO_INSERTFILE_FKEY,
IFHELP(nano_cursorpos_msg, NANO_NO_KEY), NANO_CURSORPOS_FKEY,
NANO_NO_KEY, VIEW, do_cursorpos_void);
+ /* If we're using restricted mode, spell checking is disabled
+ * because it allows reading from or writing to files not specified
+ * on the command line. */
/* Translators: try to keep this string under 10 characters long */
sc_init_one(&main_list, NANO_SPELL_KEY, _("To Spell"),
IFHELP(nano_spell_msg, NANO_NO_KEY), NANO_SPELL_FKEY,
);
#ifndef DISABLE_BROWSER
+ /* If we're using restricted mode, the file browser is disabled.
+ * It's useless since inserting files is disabled. */
/* Translators: try to keep this string under 16 characters long */
if (!ISSET(RESTRICTED))
sc_init_one(&writefile_list, NANO_TOFILES_KEY, _("To Files"),
#endif
#ifndef NANO_SMALL
+ /* If we're using restricted mode, the DOS format, Mac format,
+ * append, prepend, and backup toggles are disabled. The first and
+ * second are useless since inserting files is disabled, the third
+ * and fourth are disabled because they allow writing to files not
+ * specified on the command line, and the fifth is useless since
+ * backups are disabled. */
/* Translators: try to keep this string under 16 characters long */
if (!ISSET(RESTRICTED))
sc_init_one(&writefile_list, NANO_NO_KEY, _("DOS Format"),
NANO_NO_KEY, VIEW, 0);
#ifndef DISABLE_BROWSER
+ /* If we're using restricted mode, the file browser is disabled.
+ * It's useless since inserting files is disabled. */
if (!ISSET(RESTRICTED))
sc_init_one(&insertfile_list, NANO_TOFILES_KEY, _("To Files"),
IFHELP(nano_tofiles_msg, NANO_NO_KEY), NANO_NO_KEY,
#endif
#ifndef NANO_SMALL
+ /* If we're using restricted mode, command execution is disabled.
+ * It's useless since inserting files is disabled. */
/* Translators: try to keep this string under 22 characters long */
if (!ISSET(RESTRICTED))
sc_init_one(&insertfile_list, NANO_EXTCMD_KEY, _("Execute Command"),
NANO_NO_KEY, NOVIEW, 0);
#ifdef ENABLE_MULTIBUFFER
+ /* If we're using restricted mode, the multibuffer toggle is
+ * disabled. It's useless since inserting files is disabled. */
/* Translators: try to keep this string under 22 characters long */
if (!ISSET(RESTRICTED))
sc_init_one(&insertfile_list, NANO_NO_KEY, _("New Buffer"),
char *ret;
int i = -1;
- /* No emergency files in restricted mode! */
+ /* If we're using restricted mode, don't write any emergency backup
+ * files, since that would allow reading from or writing to files
+ * not specified on the command line. */
if (ISSET(RESTRICTED))
return;
}
}
- /* If filename starts with 'r', we use restricted mode. */
+ /* If the executable filename starts with 'r', we use restricted
+ * mode. */
if (*(tail(argv[0])) == 'r')
SET(RESTRICTED);
- /* If we're using restricted mode, disable suspending, backup files,
- * and reading rcfiles. */
+ /* If we're using restricted mode, disable suspending, backups, and
+ * reading rcfiles, since they all would allow reading from or
+ * writing to files not specified on the command line. */
if (ISSET(RESTRICTED)) {
UNSET(SUSPEND);
UNSET(BACKUP_FILE);
#ifndef NANO_SMALL
/* Set up the backup directory (unless we're using restricted mode,
- * in which case backups are disabled). This entails making sure it
- * exists and is a directory, so that backup files will be saved
- * there. */
+ * in which case backups are disabled, since they would allow
+ * reading from or writing to files not specified on the command
+ * line). This entails making sure it exists and is a directory, so
+ * that backup files will be saved there. */
if (!ISSET(RESTRICTED))
init_backup_dir();
#endif
#ifndef DISABLE_SPELLER
/* If we don't have an alternative spell checker after reading the
- * command line and/or rcfile, check $SPELL for one, as Pico
+ * command line and/or rcfile(s), check $SPELL for one, as Pico
* does (unless we're using restricted mode, in which case spell
- * checking is disabled). */
+ * checking is disabled, since it would allow reading from or
+ * writing to files not specified on the command line). */
if (!ISSET(RESTRICTED) && alt_speller == NULL) {
char *spellenv = getenv("SPELL");
if (spellenv != NULL)
input */
wrefresh(edit);
+ /* If we're using restricted mode, we aren't allowed to change the
+ * name of a file once it has one because that would allow writing
+ * to files not specified on the command line. In this case,
+ * disable all keys that would change the text if the filename isn't
+ * blank and we're at the "Write File" prompt. */
while ((kbinput = get_kbinput(bottomwin, &meta_key)) != NANO_ENTER_KEY) {
for (t = s; t != NULL; t = t->next) {
#ifdef DEBUG
x++;
break;
case NANO_DELETE_KEY:
+ /* If we're using restricted mode, the filename isn't blank,
+ * and we're at the "Write File" prompt, disable Delete. */
if (!ISSET(RESTRICTED) || filename[0] == '\0' || s != writefile_list) {
if (x < xend) {
charmove(answer + x, answer + x + 1, xend - x);
break;
case NANO_CUT_KEY:
case NANO_UNCUT_KEY:
+ /* If we're using restricted mode, the filename isn't blank,
+ * and we're at the "Write File" prompt, disable Cut and
+ * UnCut. */
if (!ISSET(RESTRICTED) || filename[0] == '\0' || s != writefile_list) {
null_at(&answer, 0);
xend = 0;
}
break;
case NANO_BACKSPACE_KEY:
+ /* If we're using restricted mode, the filename isn't blank,
+ * and we're at the "Write File" prompt, disable
+ * Backspace. */
if (!ISSET(RESTRICTED) || filename[0] == '\0' || s != writefile_list) {
if (x > 0) {
charmove(answer + x - 1, answer + x, xend - x + 1);
return kbinput;
}
+ /* If we're using restricted mode, the filename isn't blank,
+ * and we're at the "Write File" prompt, act as though the
+ * unhandled character we got is a control character and
+ * throw it away. */
if (is_cntrl_char(kbinput) || (ISSET(RESTRICTED) && filename[0] != '\0' && s == writefile_list))
break;
answer = charealloc(answer, xend + 2);
projects / nano.git / commitdiff