[RFC] Implementing Wayland Security Module

Manuel Bachmann manuel.bachmann at open.eurogiciel.org
Sun Mar 8 22:38:33 PDT 2015

Hi fellow developers,

Some time ago, there was some discussion on this mailing list about
"libwsm" (alias lib "Wayland Security Module").

Here is the previous thread:

Libwsm has been developed by Martin Peres and Steve Dodier-Lazaro; it
tries to address the issues about unprivileged clients wanting access to
privileged interfaces. For instance,

- a legitimate third-party app wanting to take screenshots and record the
screen at the user's request;
- a rogue app trying to take screenshots of the users' bank account number;
- a legitimate app installed as an alternate virtual keyboard (instead of,
say, weston-keyboard);
- a rogue app (virus) trying to permanently switch fullscreen to display
ads and threats.

We know all this was possible with X11 due to protocol flaws. Wayland is a
lot more secure, but there are still legitimate third-party clients wanting
access to these privileged features (such as the "Pick a color from the
screen" tool of GIMP)!
Unfortunately, Wayland compositors have no generic way to validate them.
So, how do we allow GIMP, for instance, to work? libwsm lives in the
compositor (eventually in a plugin) and is able to make decisions based on
various configurable policies. Policies can be shared among compositors.

Here's a demo with fullscreen limitation policies:

The current code:

and the video:

(here we try to make "weston-terminal" fullscreen; first with "allow"
policy -it works-, then with "deny" -it fails with an explanatory
notification- and finally with "soft allow" -it works when the user
interacts with the notification to explicitly authorize the app)

Any comments on this?


*Manuel BACHMANN Tizen Project VANNES-FR*
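
The three outcomes in the demo above ("allow", "deny", "soft allow"), sketched as a compositor-side policy check. This is an added example, not code from the message or from libwsm: every name, the rule table, the "*" wildcard and the fail-closed default are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical names throughout; this is not libwsm's API. */
enum decision { DENY, SOFT_ALLOW, ALLOW };

struct rule {
    const char *exe;        /* client executable path; "*" matches any */
    const char *capability; /* privileged feature being requested */
    enum decision decision;
};

/* Constructed sample policy. First match wins, so specific rules go first. */
static const struct rule policy[] = {
    { "/usr/bin/weston-terminal", "FULLSCREEN",       SOFT_ALLOW },
    { "/usr/bin/gimp",            "SCREENSHOT",       SOFT_ALLOW },
    { "/usr/bin/weston-keyboard", "VIRTUAL_KEYBOARD", ALLOW },
    { "*",                        "SCREENSHOT",       DENY },
};

/* exe is assumed to have been resolved by the compositor itself,
 * never taken from anything the client says about its own identity. */
enum decision policy_lookup(const char *exe, const char *capability)
{
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++) {
        const struct rule *r = &policy[i];
        if (strcmp(r->capability, capability) != 0)
            continue;
        if (strcmp(r->exe, "*") == 0 || strcmp(r->exe, exe) == 0)
            return r->decision;
    }
    return DENY; /* no matching rule: fail closed (assumption of this sketch) */
}

/* ask_user stands in for the compositor's notification prompt. */
bool request_allowed(const char *exe, const char *capability,
                     bool (*ask_user)(const char *exe, const char *cap))
{
    switch (policy_lookup(exe, capability)) {
    case ALLOW:      return true;
    case SOFT_ALLOW: return ask_user != NULL && ask_user(exe, capability);
    default:         return false; /* DENY */
    }
}

/* Constructed stand-ins for the user clicking the notification or not. */
bool user_accepts(const char *exe, const char *cap)  { (void)exe; (void)cap; return true; }
bool user_declines(const char *exe, const char *cap) { (void)exe; (void)cap; return false; }
```

With "soft allow", a missing prompt handler is treated the same as a refusal, so a compositor that cannot show the notification does not grant the request.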