BSDs and wl_client_get_credentials

Simon Ser contact at emersion.fr
Mon Jan 21 12:33:20 UTC 2019


On Monday, January 21, 2019 12:35 PM, Simon McVittie <smcv at collabora.com> wrote:
> Note that deriving information from the pid is easy to defeat if you have
> access to a mechanism like setuid or filesystem capabilities, which
> escalates capabilities while preserving the pid.
> See <https://bugs.freedesktop.org/show_bug.cgi?id=83499>.

Hmm, I see.

> It can also be defeated by pid reuse, although that's a harder attack.

Ah, I see. So the idea is:

1. Open a connection from PID x
2. Fork, make PID x exit
3. Make another binary use PID x

Indeed, it now seems like using this for security is a very bad idea. Let's
just forget about this, then. Thanks for the explanation!


More information about the wayland-devel mailing list