Resources directory in SecurityPlugin

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Resources directory in SecurityPlugin

Bert Freudenberg
 
When running Etoys inside a web browser, the file sandbox is  
preventing access to all files outside the "Etoys" working directory  
(a.k.a. "untrusted user directory"). That means we cannot open help  
guides or switch languages or access examples or the sources file etc.

Proposed solution: In the SecurityPlugin, allow read-only file to a  
"resource" directory (in addition to read-write access to the  
"untrusted user directory"). The default for this resource directory  
would be the image directory.

I did it for Unix, you can find a diff attached to the Etoys ticket:

http://tracker.squeakland.org/browse/SQ-241

Basically, the writeFlag is now passed down to isAccessiblePathName(),  
and in case it's read-only, it allows access to the resource dir  
(which is configurable but defaulting to the image path).

Any chance to get the same behavior implemented on Mac and Win VMs,  
too? Thanks :)

- Bert -

Reply | Threaded
Open this post in threaded view
|

Re: Resources directory in SecurityPlugin

Bert Freudenberg
 
*bump*

Andreas, John?

- Bert -

On 27.05.2009, at 00:38, Bert Freudenberg wrote:

> When running Etoys inside a web browser, the file sandbox is  
> preventing access to all files outside the "Etoys" working directory  
> (a.k.a. "untrusted user directory"). That means we cannot open help  
> guides or switch languages or access examples or the sources file etc.
>
> Proposed solution: In the SecurityPlugin, allow read-only file to a  
> "resource" directory (in addition to read-write access to the  
> "untrusted user directory"). The default for this resource directory  
> would be the image directory.
>
> I did it for Unix, you can find a diff attached to the Etoys ticket:
>
> http://tracker.squeakland.org/browse/SQ-241
>
> Basically, the writeFlag is now passed down to  
> isAccessiblePathName(), and in case it's read-only, it allows access  
> to the resource dir (which is configurable but defaulting to the  
> image path).
>
> Any chance to get the same behavior implemented on Mac and Win VMs,  
> too? Thanks :)
>
> - Bert -



Reply | Threaded
Open this post in threaded view
|

Re: Re: Resources directory in SecurityPlugin

johnmci
 
Well no doubt I should build a new VM then, also need to include the  
NaN logic now that it has been sorted out.

On 3-Aug-09, at 3:19 PM, Bert Freudenberg wrote:

> *bump*
>
> Andreas, John?
>
> - Bert -
>
> On 27.05.2009, at 00:38, Bert Freudenberg wrote:
>
>> When running Etoys inside a web browser, the file sandbox is  
>> preventing access to all files outside the "Etoys" working  
>> directory (a.k.a. "untrusted user directory"). That means we cannot  
>> open help guides or switch languages or access examples or the  
>> sources file etc.
>>
>> Proposed solution: In the SecurityPlugin, allow read-only file to a  
>> "resource" directory (in addition to read-write access to the  
>> "untrusted user directory"). The default for this resource  
>> directory would be the image directory.
>>
>> I did it for Unix, you can find a diff attached to the Etoys ticket:
>>
>> http://tracker.squeakland.org/browse/SQ-241
>>
>> Basically, the writeFlag is now passed down to  
>> isAccessiblePathName(), and in case it's read-only, it allows  
>> access to the resource dir (which is configurable but defaulting to  
>> the image path).
>>
>> Any chance to get the same behavior implemented on Mac and Win VMs,  
>> too? Thanks :)
>>
>> - Bert -
>
>
>

--
=
=
=
========================================================================
John M. McIntosh <[hidden email]>   Twitter:  
squeaker68882
Corporate Smalltalk Consulting Ltd.  http://www.smalltalkconsulting.com
=
=
=
========================================================================