security-context-v1: new protocol
This is a variation of the unveil protocol I suggested in the Weston issue about security contexts. This lets sandbox engines such as Flatpak attach a security context to sandboxed clients. The compositor can then restrict which features are made available to that client.

The protocol is designed around the assumption that the sandbox engine uses this protocol when setting up the sandboxed application. After this initial setup, the sandbox engine isn't necessarily running anymore. For this reason, a special "close FD" is used to indicate when to stop the security context listener: the sandbox engine can leak the FD into the sandboxed app's process, and the OS will automatically close the FD when the sandboxed app exits.

Signed-off-by: Simon Ser <contact@emersion.fr>
References: wayland/weston#206
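The "close FD" lifetime trick described above, as an added illustration that is not code from wayland-protocols, Weston or Flatpak. It assumes the concrete arrangement that the sandbox engine creates a pipe, hands the read end to the compositor as the close FD, and leaks the write end into the sandboxed process; the compositor then only needs to wait for hangup on its end. The function names (`wait_for_close_fd`, `simulate_close_fd`) and the fork-based stand-in for the three parties are inventions for the example. The second scenario shows the mistake a practitioner will hit first: if the engine (or the compositor) keeps its own copy of the write end open, the app's exit never produces a hangup and the listener lives forever.

```c
/*
 * Added example, not part of the merge request or of any compositor.
 * Models the close-FD mechanism with a pipe:
 *   - the "sandbox engine" creates the pipe and forks the "sandboxed app",
 *     which inherits the write end and never touches it;
 *   - the "compositor" holds only the read end and polls it for POLLHUP;
 *   - when the last holder of the write end exits, the kernel closes it and
 *     the compositor sees hangup, even though the engine is no longer involved.
 * Assumed arrangement (read end to compositor, write end leaked into the app).
 */
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Compositor side: block until the peer end of close_fd is fully closed.
 * Returns 1 on hangup (tear the listener down), 0 on timeout, -1 on error. */
int wait_for_close_fd(int close_fd, int timeout_ms)
{
    /* events = 0: we never want to read the pipe, only to learn about hangup,
     * which poll() reports regardless of the requested events. */
    struct pollfd pfd = { .fd = close_fd, .events = 0, .revents = 0 };
    for (;;) {
        int n = poll(&pfd, 1, timeout_ms);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        if (n == 0)
            return 0;               /* timed out: someone still holds the write end */
        if (pfd.revents & POLLHUP)
            return 1;               /* no writers left: the sandboxed app is gone */
        return -1;                  /* POLLERR / POLLNVAL: treat as fatal */
    }
}

/* Run the whole scenario in-process. If keep_engine_copy is nonzero, the
 * engine "forgets" to close its own write end after leaking it into the app,
 * so the compositor never observes hangup. Returns the value of
 * wait_for_close_fd(), or -1 if setup fails. */
int simulate_close_fd(int keep_engine_copy, int timeout_ms)
{
    int fds[2];
    if (pipe(fds) < 0)
        return -1;
    int rd = fds[0], wr = fds[1];

    pid_t app = fork();
    if (app < 0) {
        close(rd);
        close(wr);
        return -1;
    }
    if (app == 0) {
        /* Sandboxed app: inherits wr (the leaked close FD), exits after 100 ms.
         * poll(NULL, 0, ms) is used as a portable sleep. */
        close(rd);
        poll(NULL, 0, 100);
        _exit(0);
    }

    /* Sandbox engine: read end goes to the compositor; the engine must drop
     * its own copy of the write end or the app's exit can never close the pipe. */
    if (!keep_engine_copy)
        close(wr);

    /* Compositor: only needs rd, and only cares about hangup. */
    int rc = wait_for_close_fd(rd, timeout_ms);

    close(rd);
    if (keep_engine_copy)
        close(wr);
    waitpid(app, NULL, 0);
    return rc;
}

int main(void)
{
    printf("engine dropped its copy: %d (1 = hangup seen, listener can stop)\n",
           simulate_close_fd(0, 2000));
    printf("engine kept its copy:    %d (0 = timed out, listener leaks)\n",
           simulate_close_fd(1, 300));
    return 0;
}
```

Two caveats that the example only models indirectly: a real engine execs the sandboxed app instead of just forking, so the leaked write end must not carry O_CLOEXEC, and any helper process of the sandbox that inherits the write end (a supervisor, a portal, a shell) extends the listener's lifetime just as the "kept its copy" case does, so the FD should be inherited only by the process whose exit is meant to end the security context.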