*/ void Check_Security(REBCNT sym, REBCNT policy, REBVAL *value) /* ** A helper function that fetches the security flags for ** a given symbol (FILE) and value (path), and then tests ** that they are allowed. ** ***********************************************************************/ { REBYTE *flags; flags = Security_Policy(sym, value); Trap_Security(flags[policy], sym, value); }
*/ void Secure_Port(REBCNT kind, REBREQ *req, REBVAL *name, REBSER *path) /* ** kind: word that represents the type (e.g. 'file) ** req: I/O request ** name: value that holds the original user spec ** path: the local path to compare with ** ***********************************************************************/ { REBYTE *flags; REBVAL val; Val_Init_String(&val, path); flags = Security_Policy(kind, &val); // policy flags // Check policy integer: // Mask is [xxxx wwww rrrr] - each holds the action if (GET_FLAG(req->modes, RFM_READ)) Trap_Security(flags[POL_READ], kind, name); if (GET_FLAG(req->modes, RFM_WRITE)) Trap_Security(flags[POL_WRITE], kind, name); }