Redirections and the execute command let the user read and write files
and run programs on the local system.
Restricted mode prevents such access. This is useful when you want to
grant somebody access to just Empire, but not to the host system's
user account that runs the client.
Signed-off-by: Marisa Giancarla <fstltna@me.com>
Signed-off-by: Markus Armbruster <armbru@pond.sub.org>
.SH SYNOPSIS
.B empire
[
-.B \-hkuv
+.B \-hkruv
]
[
.BI \-2 " outfile"
.B \-k
If someone else is connected to your country, kill their connection.
.TP
+.B \-r
+Restricted mode: disable redirections and execute command.
+.TP
.BI \-s " [host:]port"
Specify server \fIhost\fR and \fIport\fR.
.TP
printf("Usage: %s [OPTION]...[COUNTRY [PASSWORD]]\n"
" -2 FILE Append log of session to FILE\n"
" -k Kill connection\n"
+ " -r Restricted mode, no redirections\n"
" -s [HOST:]PORT Specify server HOST and PORT\n"
" -u Use UTF-8\n"
" -h display this help and exit\n"
char *colon;
int sock;
- while ((opt = getopt(argc, argv, "2:ks:uhv")) != EOF) {
+ while ((opt = getopt(argc, argv, "2:krs:uhv")) != EOF) {
switch (opt) {
case '2':
auxfname = optarg;
case 'k':
send_kill = 1;
break;
+ case 'r':
+ restricted = 1;
+ break;
case 's':
port = strdup(optarg);
colon = strrchr(port, ':');
extern int input_fd;
extern int send_eof;
extern FILE *auxfp;
+extern int restricted;
#ifdef HAVE_CURSES_TERMINFO
void getsose(void);
int eight_bit_clean;
FILE *auxfp;
+int restricted;
static FILE *redir_fp;
static int redir_is_pipe;
{
size_t seen = seen_input(arg);
+ if (restricted) {
+ fprintf(stderr, "Can't %s in restricted mode\n", attempt);
+ return 0;
+ }
+
if (executing) {
fprintf(stderr, "Can't %s in a batch file\n", attempt);
return 0;