New -osirrox mode "banned"

This commit is contained in:
Thomas Schmitt 2009-04-05 14:30:45 +00:00
parent 90e178a14d
commit 3a63d2b10f
4 changed files with 43 additions and 17 deletions

View File

@ -2,7 +2,7 @@
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH XORRISO 1 "Apr 04, 2009"
.TH XORRISO 1 "Apr 05, 2009"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
@ -2514,10 +2514,11 @@ of -overwrite "nondir". I.e. directories cannot be deleted.
Access permissions of files in the ISO image do not restrict restoring.
The directory permissions on disk have to allow rwx.
.TP
\fB\-osirrox\fR "on"|"device_files"|"off"[:option:...]
\fB\-osirrox\fR "on"|"device_files"|"off"|"banned"|[:option:...]
Setting "off" disables disk filesystem manipulations. This is the default
unless the program was started with leafname "osirrox". Elsewise
the capability to restore files can be enabled explicitly by -osirrox "on".
It can be irrevocably disabled by -osirrox "banned".
.br
To enable restoring of special files by "device_files" is potentially
dangerous.

View File

@ -91,6 +91,7 @@ or
#include <grp.h>
#include <signal.h>
#include <sys/utsname.h>
#include <sys/select.h>
/* for -charset */
#include <iconv.h>
@ -5876,7 +5877,7 @@ int Xorriso_status(struct XorrisO *xorriso, char *filter, FILE *fp, int flag)
{
int is_default, no_defaults, i, ret, adr_mode, bin_path_in_use= 0, do_single;
char *line, sfe[5 * SfileadrL + 80], mode[80], *form, *treatment;
char *in_pt, *out_pt, *nl_charset, *local_charset;
char *in_pt, *out_pt, *nl_charset, *local_charset, *mode_pt;
static char channel_prefixes[4][4]= {".","R","I","M"};
static char load_names[][20]= {"auto", "session", "track", "lba", "volid"};
static int max_load_mode= 4;
@ -6033,9 +6034,17 @@ int Xorriso_status(struct XorrisO *xorriso, char *filter, FILE *fp, int flag)
is_default= (xorriso->allow_restore==0 && xorriso->do_concat_split==1 &&
xorriso->do_auto_chmod==0);
sprintf(line,"-osirrox %s:%s:%s\n",
xorriso->allow_restore ? xorriso->allow_restore==2 ?
"device_files" : "on" : "off",
mode_pt= "off";
if(xorriso->allow_restore == -1)
mode_pt= "banned";
else if(xorriso->allow_restore == 1)
mode_pt= "on";
else if(xorriso->allow_restore == 2)
mode_pt= "device_files";
if(xorriso->allow_restore == -1)
sprintf(line,"-osirrox %s\n", mode_pt);
else
sprintf(line,"-osirrox %s:%s:%s\n", mode_pt,
xorriso->do_concat_split ? "concat_split_on" : "concat_split_off",
xorriso->do_auto_chmod ? "auto_chmod_on" : "auto_chmod_off"
);
@ -12910,7 +12919,7 @@ int Xorriso_option_cpx(struct XorrisO *xorriso, int argc, char **argv,
is_dir= 1;
strcpy(dest_dir, eff_dest);
}
if(!xorriso->allow_restore) {
if(xorriso->allow_restore <= 0) {
sprintf(xorriso->info_text,
"-cpx: image-to-disk copies are not enabled by option -osirrox");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
@ -13426,7 +13435,7 @@ int Xorriso_option_extract(struct XorrisO *xorriso, char *iso_path,
int ret;
char eff_origin[SfileadrL], eff_dest[SfileadrL], *ipth;
if(!xorriso->allow_restore) {
if(xorriso->allow_restore <= 0) {
sprintf(xorriso->info_text,
"-extract: image-to-disk copies are not enabled by option -osirrox");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
@ -14379,10 +14388,13 @@ int Xorriso_option_help(struct XorrisO *xorriso, int flag)
" Performs -compare_r with each disk_path.",
"",
"Restore options which copy file objects from ISO image to disk filesystem:",
" -osirrox \"on\"|\"device_files\"|\"off\":\"concat_split_on\"|\"concat_split_off\"",
" -osirrox \"on\"|\"device_files\"|\"off\"|\"banned\"",
" [:\"concat_split_on\"|\"concat_split_off\"]",
" [:\"auto_chmod__on\"|\"auto_chmod__off\"]",
" By default \"off\" the inverse operation of xorriso from ISO",
" image to disk filesystem is disabled. \"on\" allows xorriso",
" to create, overwrite, delete files in the disk filesystem.",
" \"banned\" is irrevocably \"off\".",
" -extract iso_rr_path disk_path",
" Copy tree under iso_rr_path onto disk address disk_path.",
" This avoids the pitfalls of cp -r addressing rules.",
@ -15102,7 +15114,7 @@ int Xorriso_option_mount(struct XorrisO *xorriso, char *dev, char *adr_mode,
mnt= "-session_string";
else {
mnt= "-mount";
if(!xorriso->allow_restore) {
if(xorriso->allow_restore <= 0) {
sprintf(xorriso->info_text,
"-mount: image-to-disk features are not enabled by option -osirrox");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
@ -15487,9 +15499,11 @@ ex:;
/* Option -osirrox "on"|"off" */
int Xorriso_option_osirrox(struct XorrisO *xorriso, char *mode, int flag)
{
int l;
int l, allow_restore;
char *npt, *cpt;
allow_restore= xorriso->allow_restore;
npt= cpt= mode;
for(cpt= mode; npt!=NULL; cpt= npt+1) {
npt= strchr(cpt,':');
@ -15500,11 +15514,13 @@ int Xorriso_option_osirrox(struct XorrisO *xorriso, char *mode, int flag)
if(l==0 && mode[0]!=0)
goto unknown_mode;
if(strncmp(cpt, "off", l)==0)
xorriso->allow_restore= 0;
allow_restore= 0;
else if(strncmp(cpt, "banned", l)==0)
allow_restore= -1;
else if(strncmp(cpt, "device_files", l)==0)
xorriso->allow_restore= 2;
allow_restore= 2;
else if(strncmp(cpt, "on", l)==0 || mode[0]==0)
xorriso->allow_restore= 1;
allow_restore= 1;
else if(strncmp(cpt, "concat_split_on", l)==0)
xorriso->do_concat_split= 1;
else if(strncmp(cpt, "concat_split_off", l)==0)
@ -15520,9 +15536,17 @@ unknown_mode:;
return(0);
}
}
if(allow_restore > 0 && xorriso->allow_restore == -1) {
sprintf(xorriso->info_text,
"-osirrox: was already permanently disabled by setting 'banned'");
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
return(0);
}
if(xorriso->allow_restore != -1)
xorriso->allow_restore= allow_restore;
sprintf(xorriso->info_text,
"Copying of file objects from ISO image to disk filesystem is: %s\n",
xorriso->allow_restore ? "Enabled" : "Disabled");
xorriso->allow_restore > 0 ? "Enabled" : "Disabled");
Xorriso_info(xorriso, 0);
return(1);
}

View File

@ -237,7 +237,8 @@ struct XorrisO { /* the global context of xorriso */
/* XORRISO options */
int allow_graft_points;
int allow_restore; /* 0= disallowed, 1=allowed, 2=device files allowed */
int allow_restore; /* -1=permanently disallowed
0=disallowed, 1=allowed, 2=device files allowed */
int do_concat_split; /* 1= restore complete split file directories as
regular files
*/

View File

@ -1 +1 @@
#define Xorriso_timestamP "2009.04.05.131536"
#define Xorriso_timestamP "2009.04.05.143043"