Please read the (lengthy) discussion at [1]. [1]: https://gitlab.freedesktop.org/wayland/weston/-/issues/206
In particular, the "get_credentials → PID → executable path" lookup is racy. PID re-use allows a malicious process to be recognized as another executable. _______________________________________________ wayland-devel mailing list wayland-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/wayland-devel
