mirrors/sway

Fork 0

mirror of https://github.com/swaywm/sway.git synced 2024-11-05 16:03:11 +00:00

Commit graph

Author	SHA1	Message	Date
Drew DeVault	c89e00a97e	Fix swaylock w/shadow on glibc, improve security Today I learned that GNU flaunts the POSIX standard in yet another creative way. Additionally, this adds some security improvements, namely: - Zeroing out password buffers in the privileged child process - setuid/setgid after reading /etc/shadow	2018-10-06 12:20:12 -04:00
Drew DeVault	c977349120	Add support for building swaylock without PAM This involves setuid'ing swaylock, which then forks and drops perms on the parent process. The child process remains root and listens on a pipe for requests to validate passwords against /etc/shadow.	2018-09-28 13:53:01 +02:00

Author

SHA1

Message

Date

Drew DeVault

c89e00a97e

Fix swaylock w/shadow on glibc, improve security

Today I learned that GNU flaunts the POSIX standard in yet another
creative way. Additionally, this adds some security improvements,
namely:

- Zeroing out password buffers in the privileged child process
- setuid/setgid after reading /etc/shadow

2018-10-06 12:20:12 -04:00

Drew DeVault

c977349120

Add support for building swaylock without PAM

This involves setuid'ing swaylock, which then forks and drops perms on
the parent process. The child process remains root and listens on a pipe
for requests to validate passwords against /etc/shadow.

2018-09-28 13:53:01 +02:00

2 commits