Draft: race free client identification (!715) · Merge requests · wayland / weston

Sebastian Wick requested to merge swick/weston:peerpidfd into main Oct 25, 2021

Introduces struct weston_client_app_info in the public API. It assumes a model where all clients which are not run in a flatpak sandbox can manipulate all other clients at will.

Clients are grouped into three categories: unknown, host/trusted base, flatpak. Unknown clients have no privileges (happens if the system can't identify clients at all or the original client process already died when the compositor tried to identify it), host/trusted base clients have all privileges and flatpak have either no or compositor defined privileges based on the app id.

The last commit shows how privileged protocols can be exposed to clients not started by the compositor but from the trusted base if the system supports SO_PEERPIDFD.

Marked as Draft because it depends on wayland patches and some kernel patches

kernel: https://github.com/swick/linux/tree/sopeerpidfd

testing: https://github.com/swick/peerpidfd

wayland: wayland!186

Also see: #206 (closed)

Admin message

Draft: race free client identification

Merge request reports