From 21e1b2bef3d3cda3d10d4dc2aafe5fcac583c2a5 Mon Sep 17 00:00:00 2001 From: Drew DeVault Date: Thu, 1 Dec 2016 21:51:07 -0500 Subject: [PATCH] Add security checks for background, panel, lock --- sway/extensions.c | 25 +++++++++++++++++++++++++ sway/security.c | 4 ++-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/sway/extensions.c b/sway/extensions.c index 60cd8d41c..96c7e60dd 100644 --- a/sway/extensions.c +++ b/sway/extensions.c @@ -7,6 +7,7 @@ #include "sway/layout.h" #include "sway/input_state.h" #include "sway/extensions.h" +#include "sway/security.h" #include "sway/ipc-server.h" #include "log.h" @@ -68,6 +69,12 @@ void lock_surface_destructor(struct wl_resource *resource) { static void set_background(struct wl_client *client, struct wl_resource *resource, struct wl_resource *_output, struct wl_resource *surface) { + pid_t pid; + wl_client_get_credentials(client, &pid, NULL, NULL); + if (!(get_feature_policy(pid) & FEATURE_BACKGROUND)) { + sway_log(L_INFO, "Denying background feature to %d", pid); + return; + } wlc_handle output = wlc_handle_from_wl_output_resource(_output); if (!output) { return; @@ -86,6 +93,12 @@ static void set_background(struct wl_client *client, struct wl_resource *resourc static void set_panel(struct wl_client *client, struct wl_resource *resource, struct wl_resource *_output, struct wl_resource *surface) { + pid_t pid; + wl_client_get_credentials(client, &pid, NULL, NULL); + if (!(get_feature_policy(pid) & FEATURE_PANEL)) { + sway_log(L_INFO, "Denying panel feature to %d", pid); + return; + } wlc_handle output = wlc_handle_from_wl_output_resource(_output); if (!output) { return; @@ -111,6 +124,12 @@ static void desktop_unlock(struct wl_client *client, struct wl_resource *resourc static void set_lock_surface(struct wl_client *client, struct wl_resource *resource, struct wl_resource *_output, struct wl_resource *surface) { + pid_t pid; + wl_client_get_credentials(client, &pid, NULL, NULL); + if (!(get_feature_policy(pid) & FEATURE_LOCK)) { + sway_log(L_INFO, "Denying lock feature to %d", pid); + return; + } swayc_t *output = swayc_by_handle(wlc_handle_from_wl_output_resource(_output)); swayc_t *view = swayc_by_handle(wlc_handle_from_wl_surface_resource(surface)); sway_log(L_DEBUG, "Setting lock surface to %p", view); @@ -155,6 +174,12 @@ static void desktop_ready(struct wl_client *client, struct wl_resource *resource } static void set_panel_position(struct wl_client *client, struct wl_resource *resource, uint32_t position) { + pid_t pid; + wl_client_get_credentials(client, &pid, NULL, NULL); + if (!(get_feature_policy(pid) & FEATURE_PANEL)) { + sway_log(L_INFO, "Denying panel feature to %d", pid); + return; + } struct panel_config *config = find_or_create_panel_config(resource); sway_log(L_DEBUG, "Panel position for wl_resource %p changed %d => %d", resource, config->panel_position, position); config->panel_position = position; diff --git a/sway/security.c b/sway/security.c index 776bd5279..a4cecf16b 100644 --- a/sway/security.c +++ b/sway/security.c @@ -34,7 +34,7 @@ enum secure_feature get_feature_policy(pid_t pid) { for (int i = 0; i < config->feature_policies->length; ++i) { struct feature_policy *policy = config->feature_policies->items[i]; - if (strcmp(policy->program, "*")) { + if (strcmp(policy->program, "*") == 0) { default_policy = policy->features; } if (strcmp(policy->program, link) == 0) { @@ -50,7 +50,7 @@ enum command_context get_command_policy(const char *cmd) { for (int i = 0; i < config->command_policies->length; ++i) { struct command_policy *policy = config->command_policies->items[i]; - if (strcmp(policy->command, "*")) { + if (strcmp(policy->command, "*") == 0) { default_policy = policy->context; } if (strcmp(policy->command, cmd) == 0) {