[systemd-devel] [ANNOUNCE] systemd v230
michel at daenzer.net
Mon May 23 02:12:05 UTC 2016
On 22.05.2016 18:02, Alexander E. Patrakov wrote:
> 22.05.2016 13:33, Alexander E. Patrakov пишет:
>> 22.05.2016 03:51, Zbigniew Jędrzejewski-Szmek пишет:
>>> systemd v230 has been tagged. Enjoy!
>>> CHANGES WITH 230:
>>> * Framebuffer devices (/dev/fb*) and 3D printers and scanners
>>> (devices tagged with ID_MAKER_TOOL) are now tagged with
>>> "uaccess" and are available to logged in users.
>> Has this been discussed with Wayland developers? Framebuffer device
>> access can possibly be abused to take screenshots and draw on top of the
>> compositor in a Wayland-based environment. Impossibility for arbitrary
>> applications to take screenshots was one of the design goals of Wayland,
>> and this change breaks it.
>> So, unless one of Wayland developers confirms that they are OK with it,
>> please revert it and ask for a CVE.
> Sorry, I have to take this back. Attempting to grab video from /dev/fb0
> here on Intel hardware, both under X and Weston, shows only an image
> from the first virtual console - i.e. not the actual session. Still, I
> would like someone else to confirm that this behaviour is not
> Intel-specific and cannot be circumvented by, say, ioctls on /dev/fb0.
The scenario you describe isn't possible if the Wayland compositor
directly uses the KMS API of /dev/dri/card*, but it may be possible if
the Wayland compositor uses the fbdev API of /dev/fb* instead (e.g. if
weston uses its fbdev backend).
Earthling Michel Dänzer | http://www.amd.com
Libre software enthusiast | Mesa and X developer
More information about the wayland-devel