[systemd-devel] [ANNOUNCE] systemd v230
Alexander E. Patrakov
patrakov at gmail.com
Sun May 22 08:33:13 UTC 2016
22.05.2016 03:51, Zbigniew Jędrzejewski-Szmek пишет:
> Hi,
>
> systemd v230 has been tagged. Enjoy!
>
> CHANGES WITH 230:
<snip>
> * Framebuffer devices (/dev/fb*) and 3D printers and scanners
> (devices tagged with ID_MAKER_TOOL) are now tagged with
> "uaccess" and are available to logged in users.
Has this been discussed with Wayland developers? Framebuffer device
access can possibly be abused to take screenshots and draw on top of the
compositor in a Wayland-based environment. Impossibility for arbitrary
applications to take screenshots was one of the design goals of Wayland,
and this change breaks it.
So, unless one of Wayland developers confirms that they are OK with it,
please revert it and ask for a CVE.
--
Alexander E. Patrakov
More information about the systemd-devel
mailing list