Gitiles
Code Review Sign In
review.blissroms.org / platform_external_nano / 32e3b88e09030d041119eea1b8e5f932b1d17304^! / . / src / nano.c
commit32e3b88e09030d041119eea1b8e5f932b1d17304[log] [tgz]
authorDavid Lawrence Ramsey <pooka109@gmail.com>Sat May 29 01:20:17 2004 +0000
committerDavid Lawrence Ramsey <pooka109@gmail.com>Sat May 29 01:20:17 2004 +0000
tree8bba116f9e0b6301d1100ea70e4f3ee63840d000
parentdd7cc7230e1dc2201ccfd9249360a18a5c9c21fd [diff] [blame]
add some comments better explaining what is disabled in restricted mode
and why


git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@1778 35c25a1d-7b9e-4130-9fde-d3aeb78583b8

diff --git a/src/nano.c b/src/nano.c
index 3109bac..0d87251 100644
--- a/src/nano.c
+++ b/src/nano.c

@@ -155,7 +155,9 @@
     char *ret;
     int i = -1;
 
-    /* No emergency files in restricted mode! */
+    /* If we're using restricted mode, don't write any emergency backup
+     * files, since that would allow reading from or writing to files
+     * not specified on the command line. */
     if (ISSET(RESTRICTED))
 	return;
 
@@ -3270,12 +3272,14 @@
 	}
     }
 
-    /* If filename starts with 'r', we use restricted mode. */
+    /* If the executable filename starts with 'r', we use restricted
+     * mode. */
     if (*(tail(argv[0])) == 'r')
 	SET(RESTRICTED);
 
-    /* If we're using restricted mode, disable suspending, backup files,
-     * and reading rcfiles. */
+    /* If we're using restricted mode, disable suspending, backups, and
+     * reading rcfiles, since they all would allow reading from or
+     * writing to files not specified on the command line. */
     if (ISSET(RESTRICTED)) {
 	UNSET(SUSPEND);
 	UNSET(BACKUP_FILE);
@@ -3368,9 +3372,10 @@
 
 #ifndef NANO_SMALL
     /* Set up the backup directory (unless we're using restricted mode,
-     * in which case backups are disabled).  This entails making sure it
-     * exists and is a directory, so that backup files will be saved
-     * there. */
+     * in which case backups are disabled, since they would allow
+     * reading from or writing to files not specified on the command
+     * line).  This entails making sure it exists and is a directory, so
+     * that backup files will be saved there. */
     if (!ISSET(RESTRICTED))
 	init_backup_dir();
 #endif
@@ -3392,9 +3397,10 @@
 
 #ifndef DISABLE_SPELLER
     /* If we don't have an alternative spell checker after reading the
-     * command line and/or rcfile, check $SPELL for one, as Pico
+     * command line and/or rcfile(s), check $SPELL for one, as Pico
      * does (unless we're using restricted mode, in which case spell
-     * checking is disabled). */
+     * checking is disabled, since it would allow reading from or
+     * writing to files not specified on the command line). */
     if (!ISSET(RESTRICTED) && alt_speller == NULL) {
 	char *spellenv = getenv("SPELL");
 	if (spellenv != NULL)