From b61b0478f7538db27c35dff48f4581a811458116 Mon Sep 17 00:00:00 2001
From: msizanoen1 <msizanoen@qtmlabs.xyz>
Date: Mon, 19 Sep 2022 22:29:12 +0700
Subject: [PATCH] xwayland: Always require X11 authentication

This reverts commit eac227a203dba4d45398dfb85ec5b4610b5f3be7.

Currently, Flatpak applications can bypass the X11 permission setting
and access the X server through abstract sockets because X11 authentication
is not enforced for the current user ID.

Fix this by always requiring X11 authentication for Xwayland. This also
means applications without XAUTHORITY set to the file with Mutter's
Xwayland credentials cannot connect to X, including apps launched from
VT or SSH.

Part-of: <https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2633>
---
 src/wayland/meta-xwayland.c | 19 -------------------
 1 file changed, 19 deletions(-)

diff --git a/src/wayland/meta-xwayland.c b/src/wayland/meta-xwayland.c
index b108b3dc6..c9d94b2e3 100644
--- a/src/wayland/meta-xwayland.c
+++ b/src/wayland/meta-xwayland.c
@@ -734,23 +734,6 @@ prepare_auth_file (MetaXWaylandManager  *manager,
   return TRUE;
 }
 
-static void
-add_local_user_to_xhost (Display *xdisplay)
-{
-  XHostAddress host_entry;
-  XServerInterpretedAddress siaddr;
-
-  siaddr.type = (char *) "localuser";
-  siaddr.typelength = strlen (siaddr.type);
-  siaddr.value = (char *) g_get_user_name();
-  siaddr.valuelength = strlen (siaddr.value);
-
-  host_entry.family = FamilyServerInterpreted;
-  host_entry.address = (char *) &siaddr;
-
-  XAddHost (xdisplay, &host_entry);
-}
-
 static void
 on_init_x11_cb (MetaDisplay  *display,
                 GAsyncResult *result,
@@ -1135,8 +1118,6 @@ meta_xwayland_setup_xdisplay (MetaXWaylandManager *manager,
 #endif
 
   XFixesSetClientDisconnectMode (xdisplay, XFixesClientDisconnectFlagTerminate);
-
-  add_local_user_to_xhost (xdisplay);
 }
 
 static void