Rafael Sadowski <rafael@sizeofvoid.org> wrote:
> On Sun Jan 04, 2026 at 10:06:01AM -0700, Theo de Raadt wrote:
> > > alternatively for a port, we can patch to hardcode the path.
> >
> > I don't think that's the way to handle this.
> >
> > It is better to dynamically remember the path, in userland, when the
> > filename open succeeds. Just copy it at that point, in userland.
>
> Welcome to the world of Linux(tm) Wayland.
>
> That was also my case. In KWin, the class "ClientConnection::" uses
> wl_client_get_credentials() to find out what the client's path is (or
> was at the start) in order to restrictions the DBus communications
> from/to this client.
>
> https://wayland.freedesktop.org/docs/html/apc.html:
> wl_client_get_credentials - Return Unix credentials for the client.
>
> void wl_client_get_credentials(const struct wl_client *client, pid_t *pid, uid_t *uid, gid_t *gid)
>
> client
> The display object
> pid
> Returns the process ID
> uid
> Returns the user ID
> gid
> Returns the group ID
>
> This function returns the process ID, the user ID and the group ID
> for the given client. The credentials come from getsockopt() with
> SO_PEERCRED, on the client socket fd. All the pointers can be NULL,
> if the caller is not interested in a particular ID.
>
> Note, process IDs are subject to race conditions and are not a reliable way to identify a client.
>
> Be aware that for clients that a compositor forks and execs and then
> connects using socketpair(), this function will return the
> credentials for the compositor. The credentials for the socketpair
> are set at creation time in the compositor.
>
How about we always return "/bestguess".
No comments:
Post a Comment