isa/mutter
1
0
Fork 0
mirror of https://github.com/brl/mutter.git synced 2024-12-26 04:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

xwayland: Always require X11 authentication

Browse Source 
This reverts commit eac227a203.

Currently, Flatpak applications can bypass the X11 permission setting
and access the X server through abstract sockets because X11 authentication
is not enforced for the current user ID.

Fix this by always requiring X11 authentication for Xwayland. This also
means applications without XAUTHORITY set to the file with Mutter's
Xwayland credentials cannot connect to X, including apps launched from
VT or SSH.

Part-of: <https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2633>
This commit is contained in:
msizanoen1 2022-09-19 22:29:12 +07:00 committed by Marge Bot
parent 184055b2bb
commit b61b0478f7
1 changed files with 0 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/wayland/meta-xwayland.c
View File

@ -734,23 +734,6 @@ prepare_auth_file (MetaXWaylandManager *manager,
return TRUE; return TRUE;
} }
static void
add_local_user_to_xhost (Display *xdisplay)
{
XHostAddress host_entry;
XServerInterpretedAddress siaddr;
siaddr.type = (char *) "localuser";
siaddr.typelength = strlen (siaddr.type);
siaddr.value = (char *) g_get_user_name();
siaddr.valuelength = strlen (siaddr.value);
host_entry.family = FamilyServerInterpreted;
host_entry.address = (char *) &siaddr;
XAddHost (xdisplay, &host_entry);
}
static void static void
on_init_x11_cb (MetaDisplay *display, on_init_x11_cb (MetaDisplay *display,
GAsyncResult *result, GAsyncResult *result,
@ -1135,8 +1118,6 @@ meta_xwayland_setup_xdisplay (MetaXWaylandManager *manager,
#endif #endif
XFixesSetClientDisconnectMode (xdisplay, XFixesClientDisconnectFlagTerminate); XFixesSetClientDisconnectMode (xdisplay, XFixesClientDisconnectFlagTerminate);
add_local_user_to_xhost (xdisplay);
} }
static void static void