commando: don't let readonly default read the datastore.

That... would be dumb, since it holds the master secret! Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2025-12-24 00:24:19 +01:00 · 2021-08-03 16:54:11 +09:30
parent 02d6bbbf36
commit a903208121
3 changed files with 26 additions and 1 deletions
--- a/commando/commando.py
+++ b/commando/commando.py
@@ -231,6 +231,8 @@ def add_reader_restrictions(rune: runes.Rune) -> str:
                                                    '|method=summary'))
    # But not getsharesecret!
    rune.add_restriction(runes.Restriction.from_str('method/getsharedsecret'))
+    # And not listdatastore!
+    rune.add_restriction(runes.Restriction.from_str('method/listdatastore'))
    return rune.to_base64()