[systemd-devel] [ANNOUNCE] systemd v230

Alexander E. Patrakov patrakov at gmail.com
Sun May 22 09:02:57 UTC 2016


22.05.2016 13:33, Alexander E. Patrakov пишет:
> 22.05.2016 03:51, Zbigniew Jędrzejewski-Szmek пишет:
>> Hi,
>>
>> systemd v230 has been tagged. Enjoy!
>>
>> CHANGES WITH 230:
>
> <snip>
>
>>         * Framebuffer devices (/dev/fb*) and 3D printers and scanners
>>           (devices tagged with ID_MAKER_TOOL) are now tagged with
>>           "uaccess" and are available to logged in users.
>
> Has this been discussed with Wayland developers? Framebuffer device
> access can possibly be abused to take screenshots and draw on top of the
> compositor in a Wayland-based environment. Impossibility for arbitrary
> applications to take screenshots was one of the design goals of Wayland,
> and this change breaks it.
>
> So, unless one of Wayland developers confirms that they are OK with it,
> please revert it and ask for a CVE.
>

Sorry, I have to take this back. Attempting to grab video from /dev/fb0 
here on Intel hardware, both under X and Weston, shows only an image 
from the first virtual console - i.e. not the actual session. Still, I 
would like someone else to confirm that this behaviour is not 
Intel-specific and cannot be circumvented by, say, ioctls on /dev/fb0.

-- 
Alexander E. Patrakov


More information about the systemd-devel mailing list