Summary of the security discussions around Wayland and privileged clients

Martin Peres martin.peres at
Thu Feb 20 10:56:08 PST 2014

Le 20/02/2014 18:42, Thiago Macieira a écrit :
> Unless you meant that the WAYLAND_SOCKET variable can contain a file descriptor
> number. Is that the case? In that case, how should the privileged process
> clear the environment to allow child processes to be launched?
Yes, it takes an FD as a parameter 

The environment must be cleared automatically by the kernel because 
weston must be very careful about opening resources with O_CLOEXEC.

More information about the wayland-devel mailing list