-
6t8k authored
Effective from Linux 6.3 onward, this creates the memfd without execute permissions and prevents that setting from ever being changed. A run-time fallback is made to not using MFD_NOEXEC_SEAL when a libwayland-cursor compiled on Linux >= 6.3 is run on Linux < 6.3. This is a defense-in-depth security measure and silences a respective kernel warning; see: https://lwn.net/Articles/918106/ This implementation is adopted from dnkl's `foot` terminal emulator. Signed-off-by: 6t8k <6t8k@noreply.codeberg.org>