From 715fc2259a81e9f562db4b39a22ba933b4d9c012 Mon Sep 17 00:00:00 2001
From: Syahrial Agni Prasetya <lemniskett@outlook.com>
Date: Sat, 6 Mar 2021 13:09:14 +0700
Subject: [PATCH] Make variables only accessible to user.

---
 archbox.bash | 4 ++--
 archbox.conf | 2 +-
 enter.bash   | 2 +-
 exec.bash    | 2 +-
 uth.bash     | 4 ++++
 5 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/archbox.bash b/archbox.bash
index 14d8ba3..f93a899 100644
--- a/archbox.bash
+++ b/archbox.bash
@@ -12,7 +12,7 @@ asroot(){
 
 storeenv() {
     echo "# This will be sourced when entering Archbox" > /tmp/archbox_env
-    chmod 777 /tmp/archbox_env >/dev/null 2>&1
+    $PRIV $PREFIX/share/archbox/bin/uth chownvar $USER
     [[ ! -z $WAYLAND_DISPLAY ]] && echo "WAYLAND_DISPLAY=$WAYLAND_DISPLAY" >> /tmp/archbox_env
     if [[ ! -z $DISPLAY ]]; then
         hash xhost >/dev/null 2>&1 && xhost +local: > /dev/null 
@@ -84,7 +84,7 @@ case $1 in
         msg "Mounting necessary filesystems..."
         $PREFIX/share/archbox/bin/init start
         cp $PREFIX/share/archbox/chroot_setup.bash $CHROOT/chroot_setup
-        echo $USER > /tmp/archbox_user
+        echo $ARCHBOX_USER > /tmp/archbox_user
         chroot $CHROOT /bin/bash -c "/chroot_setup"
         exit $?
     ;;
diff --git a/archbox.conf b/archbox.conf
index 3021eb5..f95761d 100644
--- a/archbox.conf
+++ b/archbox.conf
@@ -1,4 +1,4 @@
-USER="lemniskett"
+ARCHBOX_USER="lemniskett"
 PRIV="sudo"
 INSTALL_PATH="/var/archlinux"
 CHROOT="$INSTALL_PATH/root.x86_64"
diff --git a/enter.bash b/enter.bash
index 22abf6d..76d04c5 100644
--- a/enter.bash
+++ b/enter.bash
@@ -10,4 +10,4 @@ REQ_ENV+="XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR "
 
 ENV="$REQ_ENV $ENV_VAR"
 COMMAND="$@"
-chroot $CHROOT /sbin/env $ENV /bin/su $USER
\ No newline at end of file
+chroot $CHROOT /sbin/env $ENV /bin/su $ARCHBOX_USER
\ No newline at end of file
diff --git a/exec.bash b/exec.bash
index 02a6941..d182fbd 100644
--- a/exec.bash
+++ b/exec.bash
@@ -10,4 +10,4 @@ REQ_ENV+="XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR "
 
 ENV="$REQ_ENV $ENV_VAR"
 COMMAND="$@"
-chroot $CHROOT /bin/su -c "env $ENV $COMMAND" $USER
\ No newline at end of file
+chroot $CHROOT /bin/su -c "env $ENV $COMMAND" $ARCHBOX_USER
\ No newline at end of file
diff --git a/uth.bash b/uth.bash
index 5bf8ab1..c6a5fa5 100644
--- a/uth.bash
+++ b/uth.bash
@@ -24,4 +24,8 @@ case $1 in
         mount --rbind /run $CHROOT/run
         exit $?
         ;;
+    chownvar)
+        chown $2:$2 /tmp/archbox_env
+        chmod 700 /tmp/archbox_env
+        ;;
 esac
\ No newline at end of file