commit c5fd8c050f7ddbfe3e5b7abc8f5f6ace3a3c5307 parent 7e69a7076fc8a4eb788e0229b1c99dd0b7b04bb7 Author: Simon Ser <contact@emersion.fr> Date: Thu, 4 Jan 2024 15:01:26 +0100 Mark DRM lease protocol privileged Allowing sandboxed clients to request DRM leases has security implications. Diffstat:
| M | sway/server.c | | | 11 | +++++++++++ |
1 file changed, 11 insertions(+), 0 deletions(-)
diff --git a/sway/server.c b/sway/server.c @@ -77,6 +77,17 @@ static void handle_drm_lease_request(struct wl_listener *listener, void *data) { #endif static bool is_privileged(const struct wl_global *global) { +#if WLR_HAS_DRM_BACKEND + if (server.drm_lease_manager != NULL) { + struct wlr_drm_lease_device_v1 *drm_lease_dev; + wl_list_for_each(drm_lease_dev, &server.drm_lease_manager->devices, link) { + if (drm_lease_dev->global == global) { + return true; + } + } + } +#endif + return global == server.output_manager_v1->global || global == server.output_power_manager_v1->global ||