Please read the (lengthy) discussion at [1].

[1]: https://gitlab.freedesktop.org/wayland/weston/-/issues/206

In particular, the "get_credentials → PID → executable path" lookup is
racy. PID re-use allows a malicious process to be recognized as another
executable.
_______________________________________________
wayland-devel mailing list
wayland-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/wayland-devel

Reply via email to