[PATCH weston] launcher: don't exit when user is not root
Pekka Paalanen
ppaalanen at gmail.com
Mon Oct 30 15:02:09 UTC 2017
On Mon, 30 Oct 2017 15:20:42 +0100
Emre Ucan <eucan at de.adit-jv.com> wrote:
> weston does not need to be root.
> It requires adjusting ownership on the given tty device.
>
> If weston does not have proper rights, it will get
> an error at startup anyway.
>
> Signed-off-by: Emre Ucan <eucan at de.adit-jv.com>
> ---
> libweston/launcher-direct.c | 3 ---
> 1 file changed, 3 deletions(-)
>
> diff --git a/libweston/launcher-direct.c b/libweston/launcher-direct.c
> index a5d3ee5..b05d214 100644
> --- a/libweston/launcher-direct.c
> +++ b/libweston/launcher-direct.c
> @@ -276,9 +276,6 @@ launcher_direct_connect(struct weston_launcher **out, struct weston_compositor *
> {
> struct launcher_direct *launcher;
>
> - if (geteuid() != 0)
> - return -EINVAL;
> -
> launcher = zalloc(sizeof(*launcher));
> if (launcher == NULL)
> return -ENOMEM;
NAK, for the reasons explained in
https://lists.freedesktop.org/archives/wayland-devel/2017-October/035582.html
To summarize, it's not only tty permissions but DRM and input devices
as well. If you set all these so that weston can actually run without
root using the direct launcher, then quite likely you have opened some
security holes.
The direct launcher is specifically meant for running weston as root.
Running as root is only for debugging and development, never for
production.
Thanks,
pq
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/wayland-devel/attachments/20171030/dc82947f/attachment.sig>
More information about the wayland-devel
mailing list