Make sure to call connection_is_allowed on xwayland sessions #2835
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mariogrip
force-pushed
the
xwayland-session-auth
branch
from
bbd208e
to
7ae41d2
Compare
| @@ -80,6 +84,11 @@ auto mf::XWaylandClientManager::session_for_client(pid_t client_pid) -> std::sha | |||
| } | |||
| else | |||
| { | |||
| if (!session_authorizer->connection_is_allowed({client_pid, getuid(), getgid()})) | |||
There was a problem hiding this comment.
Assuming client_pid is sensible, there ought to be a way to get gid/uid from that. This seems clunky but...
struct stat proc_stat;
stat(std::format("/proc/{}", client_pid).c_str(), &proc_stat);
auto const uid = proc_stat.st_uid;
auto const gid = proc_stat.st_gid;There was a problem hiding this comment.
I was considering the exact same thing, so i'll try to add this.
There was a problem hiding this comment.
Implemented this, but did not use std::format as that require gcc 13++
As xwayland/x11 has no way of telling us gid uid we assume it's the same as mir itself.
mariogrip
force-pushed
the
xwayland-session-auth
branch
from
7ae41d2
to
fb0a05e
Compare
Comment on lines
+92
to
+94
| stat(proc.c_str(), &proc_stat); | ||
| auto const uid = proc_stat.st_uid; | ||
| auto const gid = proc_stat.st_gid; |
There was a problem hiding this comment.
Probably needs some error handling to avoid potentially reading uninitialized data
Comment on lines
+698
to
+701
| if (!local_client_session) { | ||
| rejected = true; | ||
| return; | ||
| } |
There was a problem hiding this comment.
Suggested change
| if (!local_client_session) { | |
| rejected = true; | |
| return; | |
| } | |
| if (!local_client_session) | |
| { | |
| rejected = true; | |
| return; | |
| } |
Comment on lines
+717
to
+721
| if (rejected) { | ||
| scene_surface_close_requested(); | ||
| close(); | ||
| return; | ||
| } |
There was a problem hiding this comment.
Suggested change
| if (rejected) { | |
| scene_surface_close_requested(); | |
| close(); | |
| return; | |
| } | |
| if (rejected) | |
| { | |
| scene_surface_close_requested(); | |
| close(); | |
| return; | |
| } |
|
@mariogrip feel free to resubmit when the build errors, etc are addressed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As xwayland/x11 has no way of telling us gid uid so we get this by stat() its proc path
Note i return a nullptr if session is not allowed and then closes the xwayland session, but im not sure if this is the best way of doing this.