6 posts
Posted 02 May 2017 - 08:37 AM
SECURE FILE SYSTEM
Hello everyone this is my first post on the forum. I made an api which implements file system permissions on computercraft. I call it sfs and it is a wrapper for the fs api.
How It Works
Spoiler
Each file and directory can has 5 access values associated with it. These are: owner, owner read, owner write, other read, and other write. The two owner flags controll the owners access to the file, and the two other flags control all other users access to the file. Read access controls if a user can see the contents of a file or directory, and also controlls if a file can be ran. Write access controls if a user can modify the contents of a file, and if the user can create and remove files in a directoy.To give each file permissions, sfs introduces .sfs files. These files contain tables which store the Access values for other files. If a directory contains a .sfs file, that .sfs file contains the permission values for the other files and sub-direstories in that directory. For example, /a/.sfs controlls permisions for everything in the /a directory (including the .sfs file). The /.sfs file will also controll the permisions of the / directory.
A user table will need to be supplied to sfs.It represents a single user and can contain anything as long as it has a userName field. Only the userName field is used and other fields are ignored. An example of a user table would be
{ ["UserName"] = "steve" }
The root user ( a user with userName of "root") has full access to all files and directories.
Also, .sfs files are automatically updated when the filesystem changes.
Using sfs
Spoiler
The sfs api has a start function which will apply the api to your computer. The computer will need to be rebooted to get access to the original fs api. Once you call the start function it will remove itself (only if the api is saved as "sfs"). This is to prevent users from bypassing security by calling the start function with a new user table. It is highly recommended that you also block access to the sfs api file, so that users cannot load a different user table.This api comes with the setter functions setOwner (for root user only) , setOwnerWrite, setOwnerRead, setOtherWrite, and setOtherRead. The start function must be called before you can use these functions.
A login is not provided with sfs; this allows for others to create login programs.
An example startup program is shown below:
os.loadAPI("/sfs")
-- disable termination
local tempPullEvent = os.pullEvent
os.pullEvent = os.pullEventRaw– Login prompt (for a single user)
while true do
print("Welcome to secure software inc.")
term.write("Username: ")
local name = read()
term.write("Password: ")
local pass = read("*")
if name == "steve" and
pass == "1234" then
break
end
end
–Enable termination
os.pullEvent = tempPullEvent
sfs.start()
– Exit to default shell with sfs in place
Download using command: pastebin get ziaDN7Ex sfs
Source at: https://pastebin.com/ziaDN7Ex
Please post on this thread if you find any bugs, and let my know your thoughts on my program :D/> !