'From Squeak3.1alpha of 4 February 2001 [latest update: #3573] on 12 February 2001 at 3:46:47 pm'!
"Change Set:		DefaultDir-ar
Date:			12 February 2001
Author:			Andreas Raab

Makes the system start up in the untrusted user directory if the appropriate preference is set."
Preferences addPreference: #startInUntrustedDirectory category: #security default: false balloonHelp:'When true, the default directory is set to the untrusted user directory on startup'.!


!FileDirectory class methodsFor: 'name utilities' stamp: 'ar 2/12/2001 15:45'!
startUp
	"Establish the platform-specific FileDirectory subclass. Do any platform-specific startup."
	self setDefaultDirectoryFrom: Smalltalk imageName.
	Preferences startInUntrustedDirectory 
		ifTrue:[	self setDefaultDirectory: SecurityManager default untrustedUserDirectory.
				"Make sure we have a place to go to"
				DefaultDirectory assureExistance].
	Smalltalk openSourceFiles.
! !

!FileDirectory class methodsFor: 'system start up' stamp: 'ar 2/12/2001 15:39'!
setDefaultDirectory: directoryName
	"Initialize the default directory to the directory supplied. This method is called when the image starts up."
	| dirName |
	DirectoryClass _ self activeDirectoryClass.
	dirName _ directoryName.
	[dirName endsWith: self slash] whileTrue:[
		dirName _ dirName copyFrom: 1 to: dirName size - self slash size.
	].
	DefaultDirectory _ self on: dirName.! !


!SecurityManager methodsFor: 'security operations' stamp: 'ar 2/12/2001 15:41'!
enterRestrictedMode
	"Some insecure contents was encountered. Close all doors and proceed."
	self isInRestrictedMode ifTrue:[^true].
	Preferences securityChecksEnabled ifFalse:[^true]. "it's been your choice..."
	Preferences warnAboutInsecureContent ifTrue:[
		(PopUpMenu confirm:
'You are about to load some insecure content.
If you continue, access to files as well as
some other capabilities will be limited.'
			trueChoice:'Load it anyways'
			falseChoice:'Do not load it') ifFalse:[
				"user doesn't really want it"
				^false.
			].
	].
	"here goes the actual restriction"
	self flushSecurityKeys.
	self disableFileAccess.
	self disableImageWrite.
	"self disableSocketAccess."
	FileDirectory setDefaultDirectory: self untrustedUserDirectory.
	^true
! !