On 12/17/2013 02:38 AM, Giulio Camuffo wrote:
You can't talk to another client directly, you must always pass through the server (unless you use dbus or some other ipc, of course). And you don't need to give the trusted client a key, you just need to tell the server some client is trusted, using the same mechanism weston uses internally to launch trusted clients. That's what the links I posted are doing.
I think I see. So a trusted client can exec another client and make it trusted as well.
Is there any way for the first client to restrict how "trusted" the second client is? What I imagine is a first client that has access to every wayland api. It would like to run the screen saver and only give it screen-saver access.
Also is this api available for untrusted clients? Can a parent client create a surface, then using this api exec another client, and that child client is able to attach buffers to that surface?
What I was trying to propose is a way for one client to choose exactly what objects another client can use. It would give that other client a "key" (using dbus or argv or other ipc, not using wayland). That other client then sends a message to the wayland server with the "key" and receives the actual object.
_______________________________________________ wayland-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/wayland-devel
