Commit 4e1d9bc7 authored by marius vlad's avatar marius vlad

libweston: Allow taking screenshots when debug protocol is enabled

Screenshots of the outputs can only be taken by having a keyboard
plug-ed in, as to avoid potential malicious intent. On the other hand,
this is problematic as there are cases where a keyboard cannot
be used as a input device. A particular use-case is that for
multiple devices it can be cumbersome to connect a keyboard such
that using ssh can be much easier and can be further automated.

This patch allows taking screenshots without the need of having a
keyboard connected when debug protocol is enabled.

Add also a few words about the fact that this is a serious issue
and can lead to silently leaking the output contents.
Signed-off-by: marius vlad's avatarMarius Vlad <marius.vlad0@gmail.com>
parent d9bcc0b1
...@@ -32,6 +32,7 @@ ...@@ -32,6 +32,7 @@
#include "weston.h" #include "weston.h"
#include "weston-screenshooter-server-protocol.h" #include "weston-screenshooter-server-protocol.h"
#include "shared/helpers.h" #include "shared/helpers.h"
#include "weston-debug.h"
struct screenshooter { struct screenshooter {
struct weston_compositor *ec; struct weston_compositor *ec;
...@@ -88,13 +89,20 @@ bind_shooter(struct wl_client *client, ...@@ -88,13 +89,20 @@ bind_shooter(struct wl_client *client,
{ {
struct screenshooter *shooter = data; struct screenshooter *shooter = data;
struct wl_resource *resource; struct wl_resource *resource;
bool debug_enabled =
weston_compositor_is_debug_protocol_enabled(shooter->ec);
resource = wl_resource_create(client, resource = wl_resource_create(client,
&weston_screenshooter_interface, 1, id); &weston_screenshooter_interface, 1, id);
if (client != shooter->client) { if (!debug_enabled && !shooter->client) {
wl_resource_post_error(resource, WL_DISPLAY_ERROR_INVALID_OBJECT, wl_resource_post_error(resource, WL_DISPLAY_ERROR_INVALID_OBJECT,
"screenshooter failed: permission denied"); "screenshooter failed: permission denied. "\
"Debug protocol must be enabled");
return;
} else if (!debug_enabled && client != shooter->client) {
wl_resource_post_error(resource, WL_DISPLAY_ERROR_INVALID_OBJECT,
"screenshooter failed: permission denied.");
return; return;
} }
......
...@@ -141,8 +141,11 @@ which any client can use to receive debugging messages from the compositor. ...@@ -141,8 +141,11 @@ which any client can use to receive debugging messages from the compositor.
.B WARNING: .B WARNING:
This is risky for two reasons. First, a client may cause a denial-of-service This is risky for two reasons. First, a client may cause a denial-of-service
blocking the compositor by providing an unsuitable file descriptor, and blocking the compositor by providing an unsuitable file descriptor, and
second, the debug messages may expose sensitive information. This option second, the debug messages may expose sensitive information.
should not be used in production. Additionally this will expose weston-screenshooter interface allowing the user
to take screenshots of the outputs using weston-screenshooter application,
which can lead to silently leaking the output contents. This option should
not be used in production.
.TP .TP
.BR \-\-version .BR \-\-version
Print the program version. Print the program version.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment