DefaultSecurity.cpp
//----------------------------------------------------------------------
// WARNING: This file was generated by config2cpp-nocheck. Do not edit.
//----------------------------------------------------------------------
#include "DefaultSecurity.h"
namespace CONFIG4CPP_NAMESPACE {
// Builds the embedded default security policy for Config4* by appending the
// policy text to m_str one fragment at a time.
//
// The literals are split at a fixed width, so one line of the policy is often
// spread over two statements; the statement order is the content. The file
// header says this code is generated by config2cpp-nocheck, so a change to the
// policy made here would presumably be lost on regeneration -- edit the
// generator's input instead (that input is not visible in this file).
//
// According to the embedded text itself, a command line is allowed when it
// matches an entry in allow_patterns and the command resides in one of
// trusted_directories, and deny_patterns lists command lines that are
// disallowed. The code that enforces these lists is not in this file.
DefaultSecurity::DefaultSecurity()
{
// Explanatory comment block at the top of the policy.
m_str << "#-------------------------------------------------";
m_str << "----------------------\n";
m_str << "# Default security checks for Config4*\n";
m_str << "# ------------------------------------\n";
m_str << "#\n";
m_str << "# allow_patterns is a list of wildcarded command l";
m_str << "ines that are allowed\n";
m_str << "# to be executed (if the command resides in a dire";
m_str << "ctory listed in\n";
m_str << "# trusted_directories).\n";
m_str << "#\n";
m_str << "# deny_patterns is a list of wildcarded command li";
m_str << "nes that are\n";
m_str << "# disallowed.\n";
m_str << "#\n";
m_str << "# The wildcarded command-lines can contain \"*\", wh";
m_str << "ich denotes zero or\n";
m_str << "# more characters.\n";
m_str << "#\n";
m_str << "# trusted_directories is a list of directories in ";
m_str << "which the commands\n";
m_str << "# listed in allow_patterns must be found.\n";
m_str << "#-------------------------------------------------";
m_str << "----------------------\n";
m_str << "\n";
m_str << "\n";
// UNIX branch of the policy.
m_str << "@if (osType() == \"unix\") {\n";
m_str << "\t#--------\n";
m_str << "\t# Allow only a few commands that might be useful.";
m_str << "\n";
m_str << "\t#--------\n";
// NOTE(review): "curl *" and "uname *" admit any argument string, so for
// those commands deny_patterns is the only limit on what the command line
// may contain. Confirm that this breadth is intended for a default policy.
m_str << "\tallow_patterns = [\n";
m_str << "\t\t\"curl *\",\n";
m_str << "\t\t\"hostname\",\n";
m_str << "\t\t\"uname\",\n";
m_str << "\t\t\"uname *\",\n";
m_str << "\t\t\"ifconfig\"\n";
m_str << "\t];\n";
m_str << "\n";
m_str << "\t#--------\n";
m_str << "\t# Disallow `...` (nested commands) and piped comm";
m_str << "ands since we\n";
m_str << "\t# have no idea what they might contain.\n";
m_str << "\t#--------\n";
// NOTE(review): this is a denylist of three characters (backtick, '|', '>').
// Whether other shell metacharacters need an entry depends on how the
// enforcing code launches the command (through a shell or not), which is
// not visible here -- verify against the executor before relying on it.
m_str << "\tdeny_patterns = [\"*`*\", \"*|*\", \"*>*\"];\n";
m_str << "\ttrusted_directories = [\"/bin\", \"/usr/bin\", \"/usr/";
m_str << "local/bin\",\n";
m_str << "\t\t\t\t\"/sbin\", \"/usr/sbin\"];\n";
// Windows branch of the policy.
m_str << "} @elseIf (osType() == \"windows\") {\n";
m_str << "\t#--------\n";
m_str << "\t# Cygwin (or some other collection of UNIX-like t";
m_str << "ools) might\n";
m_str << "\t# be installed on a Windows machine so the securi";
m_str << "ty\n";
m_str << "\t# configuration is written accordingly.\n";
m_str << "\t# The main difference from the UNIX settings is t";
m_str << "hat\n";
m_str << "\t# \"deny_patterns\" forbids the use of both UNIX an";
m_str << "d Windows-style\n";
m_str << "\t# environment variables, that is, $NAME and %NAME";
m_str << "%.\n";
m_str << "\t#--------\n";
m_str << "\tallow_patterns = [\n";
m_str << "\t\t\"curl *\",\n";
m_str << "\t\t\"hostname\",\n";
m_str << "\t\t\"uname\",\n";
m_str << "\t\t\"uname *\",\n";
m_str << "\t\t\"ipconfig\"\n";
m_str << "\t];\n";
// NOTE(review): the policy comment emitted above says deny_patterns forbids
// $NAME and %NAME%, but the list emitted here is the same three patterns as
// the UNIX branch and has no entry containing '$' or '%'. Either the comment
// or the list is out of date; resolve in the generator's input.
m_str << "\tdeny_patterns = [\"*`*\", \"*|*\", \"*>*\"];\n";
// The C++ escape "\\" puts a single backslash into the policy text. The
// trusted directory is built from the SYSTEMROOT environment variable, so it
// is only as trustworthy as the environment the parsing process runs with
// (presumably read when the policy is parsed -- confirm).
m_str << "\ttrusted_directories = [getenv(\"SYSTEMROOT\") + \"\\s";
m_str << "ystem32\"];\n";
// Fallback branch: on an unrecognised OS the policy fails closed -- nothing
// is allowed, every command line is denied, and no directory is trusted.
m_str << "} @else {\n";
m_str << "\t#--------\n";
m_str << "\t# If we don't know what operating system we are r";
m_str << "unning on then\n";
m_str << "\t# don't trust anything.\n";
m_str << "\t#--------\n";
m_str << "\tallow_patterns = [];\n";
m_str << "\tdeny_patterns = [\"*\"];\n";
m_str << "\ttrusted_directories = [];\n";
m_str << "};\n";
// Appends an empty string; adds nothing to the policy text.
m_str << "";
}
// Destructor: the body is intentionally empty; it performs no explicit cleanup.
DefaultSecurity::~DefaultSecurity() {}
}; // namespace CONFIG4CPP_NAMESPACE