Skip to content

xwayland: Restrict `_XWAYLAND_ALLOW_COMMITS` to the X11 window/compositing manager

Olivier Fourdan requested to merge ofourdan/xserver:restrict-allow-commits-to-wm-only into master

This is something that was asked by @pq in the original patch submission when adding support for _XWAYLAND_ALLOW_COMMITS back in 2016.

https://lists.freedesktop.org/archives/xorg-devel/2016-December/051959.html

I expect the property to be written only from the XWM. Should I verify that somehow? Can I even identify the XWM here?

At the time, we didn't keep track of the X11 window manager client, so adding that check was a bit involved.

Since then, we identify the X11 window manager client id in Xwayland, so we can easily implement that feature.

So we can now restrict access to the _XWAYLAND_ALLOW_COMMITS property to read-only, except for the X11 window manager and the Xserver itself.

/cc @pq

Merge request reports