[PATCH weston] introduces a setting to give permission to any client to do screenshots

Martin Peres martin.peres at free.fr
Fri Dec 13 07:12:18 PST 2013

Le 04/12/2013 17:38, Sebastian Wick a écrit :
> diff --git a/weston.ini.in b/weston.ini.in
> index 5181a9e..bc32567 100644
> --- a/weston.ini.in
> +++ b/weston.ini.in
> @@ -65,3 +65,6 @@ path=@libexecdir@/weston-keyboard
>   #constant_accel_factor = 50
>   #min_accel_factor = 0.16
>   #max_accel_factor = 1.0
> +
> +#[screenshooter]
> +#restrict-access=false
What prevents other applications from modifying this setting to true if 
they want to
spy on applications?

This parameter (or any security-related one) should require root-access 
to be changed.
A solution could be to put security parameters in a separate 
configuration file that
should be owned by root with access rights set to 644 in order to be 
used by weston.

If you have other ways to avoid this problem that do not require 
mandatory access
control, I'm interested in hearing them!

More information about the wayland-devel mailing list