mirror of
https://github.com/brl/mutter.git
synced 2024-11-25 17:40:40 -05:00
window: Add a note about the trustworthiness of the client PID
Since PIDs are inherently insecure because they are reused after a certain amount of processes was started, it's possible the client PID was spoofed by the client. So make sure users of the meta_window_get_pid() API are aware of those issues and add a note to the documentation that the PID can not be totally trusted. https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1180
This commit is contained in:
parent
4fac1a4862
commit
b97a6e62a3
@ -7590,6 +7590,9 @@ meta_window_get_transient_for (MetaWindow *window)
|
|||||||
* Returns the pid of the process that created this window, if available
|
* Returns the pid of the process that created this window, if available
|
||||||
* to the windowing system.
|
* to the windowing system.
|
||||||
*
|
*
|
||||||
|
* Note that the value returned by this is vulnerable to spoofing attacks
|
||||||
|
* by the client.
|
||||||
|
*
|
||||||
* Return value: the pid, or 0 if not known.
|
* Return value: the pid, or 0 if not known.
|
||||||
*/
|
*/
|
||||||
pid_t
|
pid_t
|
||||||
|
Loading…
Reference in New Issue
Block a user