D22571: Allow blacklisting some wayland interfaces
Fabian Vogt
noreply at phabricator.kde.org
Mon Oct 28 16:03:22 GMT 2019
fvogt added inline comments.
INLINE COMMENTS
> apol wrote in wayland_server.cpp:223
> No, what you wrote isn't what we are doing. We are going through /prog/pid/root/...
> I don't really see how it would be faked for a remote process reliably.
> No, what you wrote isn't what we are doing. We are going through /prog/pid/root/...
Exactly that is the issue. Let me demonstrate:
` docker run --rm -it opensuse/tumbleweed /usr/bin/cat`
Now `client->executablePath()` is /usr/bin/cat and you compare `/proc/$(pidof cat)/root/usr/bin/cat` against `/proc/$(pidof cat)/exe`.
That's always identical:
> diff -s /proc/$(pidof cat)/exe /proc/$(pidof cat)/root/usr/bin/cat
Files /proc/21994/exe and /proc/21994/root/usr/bin/cat are identical
> diff -s /proc/$(pidof cat)/exe /usr/bin/cat
Binary files /proc/21994/exe and /usr/bin/cat differ
> I don't really see how it would be faked for a remote process reliably.
Ignoring the issue above that the executable itself does not need to be faked, here are two ways:
- By just not faking it: `LD_PRELOAD=pwn.so /usr/bin/plasmashell`
- By changing the executable file between establishing the wayland connection and requesting interfaces
REPOSITORY
R108 KWin
REVISION DETAIL
https://phabricator.kde.org/D22571
To: apol, #plasma, #kwin, davidedmundson
Cc: fvogt, zzag, broulik, graesslin, davidedmundson, kwin, LeGast00n, The-Feren-OS-Dev, sbergeron, jraleigh, fbampaloukas, GB_2, mkulinski, ragreen, jackyalcine, iodelay, crozbo, bwowk, ZrenBot, ngraham, alexeymin, himcesjf, lesliezhai, ali-mohamed, hardening, romangg, jensreuterberg, abetts, sebas, apol, ahiemstra, mart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kwin/attachments/20191028/2b3518ee/attachment-0001.html>
More information about the kwin
mailing list