Andrew Morgan's Blog

It's a blog

GSoC Weekly Progress Report #2

June 14, 2017 — Andrew Morgan

The work this week consisted of finishing off the context menus within Nautilus and Dolphin. I'm happy to report that they've both been finished off and accompanied by some icons from GNOME's Adwaita icon set.

They actually work now too :)

Some screenshots below:

Icons appear in menu items now in Nautilus Icons appear in menu items now in Nautilus

We also have a checkmark icon to indicate to the user that a folder is marked as untrusted We also have a checkmark icon to indicate to the user that a folder is marked as untrusted

The popup menu now includes the name of the file that is being marked as well as the file type The popup menu now includes the name of the file that is being marked as well as the file type

Handy icons now show up on untrusted files! Handy icons now show up on untrusted files!

Extended File Attribute Troubles

As discovered earlier in the week, applied Extended File Attributes can get lost after some programs (i.e vim) edit them. This is due to the editor's nature of updating the file by first destroying it, then recreating it later from their temporarily modified buffer. This method is efficient, but unfortunately any file attributes that may be attached to the file that the editor doesn't know about will be lost after the original file is deleted.

You may think that this is a total show-stopper for Extended File Attributes all together, but they actually still work in our use case, as the goal is to prevent local modification of marked files, while sending them to a separate VM for editing.

Because of this, the only program we have to make aware of our special Extended File Attribute is the program that handles the transfer between the two VMs. In our case, this program is qvm-open-in-(d)vm. By simply reading the Extended File Attributes upon sending the file, and reapplying them once it gets the file back, we retain our mark, regardless of what happens to the file in the destination VM.

Denying Local Read Permissions on Untrusted Files

To prevent this mark otherwise being accidentally destroyed on the originating VM, we can simply deny all users permission to read or write from it (through a chmod 0). Props to my mentor Marek for the suggestion.

This has the one hiccup of which we can no longer read a file's Extended File Attributes, however our code can simply 'unlock' the file before processing it by chmod'ing the file back to 0644 before processing, and 'locking' it again afterwards.

Conclusion

Now that the GUI is all finished, it's time to work on making the File Managers (Nautilus and Dolphin) aware of untrusted files. While it's easy enough to check for untrusted files on a right-click basis, we also need to check their status on a single or double left-click (i.e when a file is opened).

Originally I planned to patch the File Managers to allow for running code on a left-click, however after creating the Nautilus extension, it seems to already do this by default. Coupled with the fact that files are no longer locally editable and thus cannot be opened automatically, we may not actually need to patch Nautilus at all!

Dolphin may still require a patch, but I'll be looking for ways to possibly get away with not needing to while working on the Nautilus version first.

As always, the code is available here.

Any and all feedback is appreciated, see you in a week!

Tags: gsoc-2017, progress-report