mirror of
https://github.com/swaywm/sway.git
synced 2024-11-26 09:51:29 +00:00
Soften up environment security
So no one gets their feewings hurt
This commit is contained in:
parent
a4e92ad272
commit
c61746a15b
|
@ -39,12 +39,9 @@ you choose to place it in other locations.
|
|||
Environment security
|
||||
--------------------
|
||||
|
||||
LD_PRELOAD is a mechanism designed by GNU for the purpose of ruining the security
|
||||
of your system. One of the many ways LD_PRELOAD kills security is by making
|
||||
Wayland keyloggers possible.
|
||||
|
||||
There are a number of strategies for dealing with this but they all suck a little.
|
||||
In order of most practical to least practical:
|
||||
LD_PRELOAD is a mechanism designed to ruin the security of your system. There are
|
||||
a number of strategies for dealing with this but they all suck a little. In order
|
||||
of most practical to least practical:
|
||||
|
||||
1. Only run important programs via exec. Sway's exec command will ensure that
|
||||
LD_PRELOAD is unset when running programs.
|
||||
|
@ -54,7 +51,7 @@ In order of most practical to least practical:
|
|||
but this is the most effective solution.
|
||||
|
||||
3. Use static linking for important programs. Of course statically linked programs
|
||||
are unaffected by the security dumpster fire that is dynamic linking.
|
||||
are unaffected by the dynamic linking security dumpster fire.
|
||||
|
||||
Note that should you choose method 1, you MUST ensure that sway itself isn't
|
||||
compromised by LD_PRELOAD. It probably isn't, but you can be sure by setting
|
||||
|
|
Loading…
Reference in a new issue