Hey everyone, another week another progress report. As always, you can find the report with screenshots here: https://blog.amorgan.xyz/gsoc-weekly-progress-report-2.html
Otherwise the text-only version is reproduced below: --- The work this week consisted of finishing off the context menus within Nautilus and Dolphin. I'm happy to report that they've both been finished off and accompanied by some icons from GNOME's Adwaita icon set. They actually work now too :) Some screenshots below: [] Icons appear in menu items now in Nautilus [] We also have a checkmark icon to indicate to the user that a folder is marked as untrusted [] The popup menu now includes the name of the file that is being marked as well as the file type [] Handy icons now show up on untrusted files! # Extended File Attribute Troubles As discovered earlier in the week, applied Extended File Attributes can get lost after some programs (i.e vim) edit them. This is due to the editor's nature of updating the file by first destroying it, then recreating it later from their temporarily modified buffer. This method is efficient, but unfortunately any file attributes that may be attached to the file that the editor doesn't know about will be lost after the original file is deleted. You may think that this is a total show-stopper for Extended File Attributes all together, but they actually still work in our use case, as the goal is to prevent local modification of marked files, while sending them to a separate VM for editing. Because of this, the only program we have to make aware of our special Extended File Attribute is the program that handles the transfer between the two VMs. In our case, this program is qvm-open-in-(d)vm. By simply reading the Extended File Attributes upon sending the file, and reapplying them once it gets the file back, we retain our mark, regardless of what happens to the file in the destination VM. # Denying Local Read Permissions on Untrusted Files To prevent this mark otherwise being accidentally destroyed on the originating VM, we can simply deny all users permission to read or write from it (through a chmod 0). Props to my mentor Marek for the suggestion. This has the one hiccup of which we can no longer read a file's Extended File Attributes, however our code can simply 'unlock' the file before processing it by chmod'ing the file back to 0644 before processing, and 'locking' it again afterwards. # Conclusion Now that the GUI is all finished, it's time to work on making the File Managers (Nautilus and Dolphin) aware of untrusted files. While it's easy enough to check for untrusted files on a right-click basis, we also need to check their status on a single or double left-click (i.e when a file is opened). Originally I planned to patch the File Managers to allow for running code on a left-click, however after creating the Nautilus extension, it seems to already do this by default. Coupled with the fact that files are no longer locally editable and thus cannot be opened automatically, we may not actually need to patch Nautilus at all! Dolphin may still require a patch, but I'll be looking for ways to possibly get away with not needing to while working on the Nautilus version first. Any and all feedback is appreciated, see you all in a week! -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ohr1kh%241n1%241%40blaine.gmane.org. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
