Wayland security context support #5883
Comments
FWIW, the Flatpak impl: flatpak/flatpak#4920
Is your feature request related to a problem? Please describe.
security-context is a Wayland protocol that can be used by clients to create a new Wayland socket. The same compositor instance will listen for connections on this socket, but clients that connect to it cannot perform privileged operations.
Describe the solution you'd like
Firejail should use this protocol to further sandbox clients and prevent them from screen scraping, creating transparent fullscreen overlays, permanent keyboard hijacking, and other attacks. All these attacks rely on "privileged" protocols and are unavailable on sockets created via security-context.
Describe alternatives you've considered
So far there hasn't been a way to do this. This protocol was introduced in wayland-protocols 1.32 which was released yesterday.
sway already has a patch with a working server implementation. I expect other wlroots compositors to follow suit.
Additional context
Shameless plug: I wrote a tiny cli client that creates a new socket at given path: https://git.sr.ht/~whynothugo/way-secure
This could be called on the host to create a socket inside the sandbox's $XDG_RUNTIME_DIR.