Skip to content

Commit 4fb633a

Browse files
yixinsharkyixinshark
committed
fix: add command whitelist validation for notification actions
Add safeCommands whitelist in dconfig with default safe commands Validate commands against whitelist before execution Log: add command whitelist validation for notification actions
1 parent 638bb1b commit 4fb633a

File tree

2 files changed

+19
-0
lines changed

2 files changed

+19
-0
lines changed

panels/notification/server/configs/org.deepin.dde.shell.notification.json

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -155,6 +155,17 @@
155155
"description[zh_CN]": "通知自动清理的天数,超过此天数的通知将被自动删除",
156156
"permissions": "readwrite",
157157
"visibility": "public"
158+
},
159+
"safeCommands": {
160+
"value": ["xdg-open","dbus-send","qdbus","deepin-defender","dde-control-center","downloader","dde-file-manager","dde-dconfig","/usr/lib/deepin-daemon/dde-bluetooth-dialog","/usr/bin/dde-hints-dialog","/usr/bin/deepin-devicemanager"],
161+
"serial": 0,
162+
"flags": [],
163+
"name": "safe commands",
164+
"name[zh_CN]": "安全指令",
165+
"description": "safe commands",
166+
"description[zh_CN]": "通知扩展的x-deepin-action-携带的指令白名单",
167+
"permissions": "readonly",
168+
"visibility": "private"
158169
}
159170
}
160171
}

panels/notification/server/notificationmanager.cpp

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -532,6 +532,14 @@ void NotificationManager::doActionInvoked(const NotifyEntity &entity, const QStr
532532
if (!args.isEmpty()) {
533533
QString cmd = args.takeFirst(); // 命令
534534

535+
QScopedPointer<DConfig> config(DConfig::create("org.deepin.dde.shell", "org.deepin.dde.shell.notification"));
536+
QStringList safeCommands = config->value("safeCommands").toStringList();
537+
538+
if (!safeCommands.contains(cmd)) {
539+
qWarning(notifyLog) << "The command is not allowed to be executed:" << cmd << safeCommands;
540+
return;
541+
}
542+
535543
QProcess pro;
536544
pro.setProgram(cmd);
537545
pro.setArguments(args);

0 commit comments

Comments
 (0)