From a1e43e02a08a0e237c256ef9f750dd3b4bf1197b Mon Sep 17 00:00:00 2001 From: fang Date: Tue, 6 Oct 2020 16:50:49 +0200 Subject: [PATCH] eyre: prevent binding in reserved namespaces Disallows registering bindings (through %connect and %serve) that would capture traffic on paths starting with /~ (Eyre's) or /~_~ (runtime's, as of cc389c5). Note that we don't touch +insert-binding, which is used by Eyre internally to set up bindings in its own namespace. --- pkg/arvo/sys/vane/eyre.hoon | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkg/arvo/sys/vane/eyre.hoon b/pkg/arvo/sys/vane/eyre.hoon index a7c29c039a..2519bedb50 100644 --- a/pkg/arvo/sys/vane/eyre.hoon +++ b/pkg/arvo/sys/vane/eyre.hoon @@ -1772,6 +1772,12 @@ |= [=binding =action] ^- [(list move) server-state] =^ success bindings.state + :: prevent binding in reserved namespaces + :: + ?: ?| ?=([%'~' *] path.binding) :: eyre + ?=([%'~_~' *] path.binding) :: runtime + == + [| bindings.state] (insert-binding [binding duct action] bindings.state) :_ state [duct %give %bound success binding]~