drew/acadia
1
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

Add a way to restrict permissions on cap duplication.

Browse source
This commit is contained in:
Drew Galbraith 2023-11-02 22:12:55 -07:00
parent 7dd10a3e53
commit f31652b981
10 changed files with 15 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/mammoth/src/endpoint_server.cpp
View file

@ -9,8 +9,7 @@ void EndpointServerThreadBootstrap(void* endpoint_server) {
glcr::ErrorOr<glcr::UniquePtr<EndpointClient>> EndpointServer::CreateClient() {
uint64_t client_cap;
// FIXME: Restrict permissions to send-only here.
RET_ERR(ZCapDuplicate(endpoint_cap_, &client_cap));
RET_ERR(ZCapDuplicate(endpoint_cap_, ~(kZionPerm_Read), &client_cap));
return EndpointClient::AdoptEndpoint(client_cap);
}

3
lib/mammoth/src/port_server.cpp
View file

@ -13,9 +13,8 @@ PortServer PortServer::AdoptCap(z_cap_t cap) { return PortServer(cap); }
PortServer::PortServer(z_cap_t port_cap) : port_cap_(port_cap) {}
glcr::ErrorOr<PortClient> PortServer::CreateClient() {
// FIXME: Restrict permissions.
z_cap_t new_port;
RET_ERR(ZCapDuplicate(port_cap_, &new_port));
RET_ERR(ZCapDuplicate(port_cap_, ~(kZionPerm_Read), &new_port));
return PortClient::AdoptPort(new_port);
}