BSDs and wl_client_get_credentials
Simon Ser
contact at emersion.fr
Mon Jan 21 12:33:20 UTC 2019
On Monday, January 21, 2019 12:35 PM, Simon McVittie <smcv at collabora.com> wrote:
> Note that deriving information from the pid is easy to defeat if you have
> access to a mechanism like setuid or filesystem capabilities, which
> escalates capabilities while preserving the pid.
> See <https://bugs.freedesktop.org/show_bug.cgi?id=83499>.
Hmm, I see.
> It can also be defeated by pid reuse, although that's a harder attack.
Ah, I see. So the idea is:
1. Open a connection from PID x
2. Fork, make PID x exit
3. Make another binary use PID x
Indeed, it now seems like using this for security is a very bad idea. Let's
just forget about this, then. Thanks for the explanation!
More information about the wayland-devel
mailing list