Hi,
On 24/01/2014 08:33, David Herrmann wrote:
> weston-launch passes privileged FDs back to weston. I don't think we
> should allow a user to use their own shell to spawn weston. How can
> you guarantee the shell does not point to some random binary of the
> user? This way, they can get access to arbitrary input FDs,
> circumventing the access-mode restrictions on the device-nodes.
From "man chsh":
“The only restriction placed on the login shell is that the command name
must be listed in /etc/shells, unless the invoker is the superuser, and
then any value may be added.”
So unless they have root access (= full access anyway), the user cannot
use a random binary, but only system-approved ones.
Thanks,
--
Quentin “Sardem FF7” Glidic
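
The /etc/shells restriction quoted above, as an added C example that is not part of the original message or of weston-launch: a check a privileged launcher could apply to a passwd shell before executing it. The helper name `shell_is_listed`, the sample list and the candidate paths are constructed for illustration, and the parsing is a simplified reading of the file format; on a real system getusershell(3) enumerates the actual file.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /etc/shells format, not copied from a real system. */
static const char SAMPLE_SHELLS[] =
    "# /etc/shells: valid login shells\n"
    "/bin/sh\n"
    "/bin/bash\n"
    "\n"
    "  /usr/bin/zsh   # trailing comment\n";

/* Hypothetical helper: returns 1 only if `shell` is an absolute path that
 * exactly matches one entry in `shells_text`, otherwise 0. */
int shell_is_listed(const char *shells_text, const char *shell)
{
    const char *p = shells_text;
    size_t want;

    if (shell == NULL || shell[0] != '/')
        return 0;                     /* relative or empty names never match */
    want = strlen(shell);

    while (*p != '\0') {
        const char *entry = p + strspn(p, " \t");   /* skip indentation */
        size_t len = strcspn(entry, " \t#\n");      /* ends at blank, '#' or EOL */

        /* Whole-entry comparison: "/bin/ba" must not match "/bin/bash". */
        if (len == want && memcmp(entry, shell, len) == 0)
            return 1;

        p = entry + strcspn(entry, "\n");           /* advance to end of line */
        if (*p == '\n')
            p++;
    }
    return 0;
}

int main(void)
{
    const char *candidates[] = { "/bin/bash", "/home/user/bin/fake-shell", "bash" };
    size_t i;

    for (i = 0; i < sizeof candidates / sizeof candidates[0]; i++)
        printf("%-28s %s\n", candidates[i],
               shell_is_listed(SAMPLE_SHELLS, candidates[i]) ? "listed" : "REJECTED");
    return 0;
}
```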