mirrors
/
sway
mirror of https://github.com/swaywm/sway.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,051 Commits 10 Branches 91 Tags 39 MiB
Commit Graph

2051 Commits

Author SHA1 Message Date
Drew DeVault 7784f1a905 Handle allocation failures in security code 
Note that such errors are generally going to be fatal
 2016-12-15 19:01:41 -05:00
Drew DeVault 31b002b6d5 Handle IPC server allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault 8cef81d6f2 Handle some more memory allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault d75a747a3d Handle config-related allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault 248df18c24 Handle allocation failure in commands 2016-12-15 19:01:40 -05:00
Drew DeVault 8691ff1b63 Handle border-related malloc failures 2016-12-15 19:01:40 -05:00
Drew DeVault ad7f68585b Always log filename and line number 2016-12-15 19:01:40 -05:00
Drew DeVault 4c6c65e70c Handle malloc failures from read_line 2016-12-15 19:01:40 -05:00
Drew DeVault 9ad1e6b40f Handle malloc failure in ipc_recv_response 2016-12-15 19:01:40 -05:00
Drew DeVault 6c0fc20936 Merge pull request #991 from barfoo1/registry_fix 
minor logic error in registry.c:seat_handle_capabilities()
 2016-12-14 04:29:52 -05:00
barfoo1 dc6942d10d minor logic error 2016-12-14 10:24:13 +01:00
Drew DeVault 6350752d6b Merge pull request #985 from myfreeweb/master 
Fix build on FreeBSD
 2016-12-11 14:07:08 -05:00
Greg V da26d69cb1 Fix build on FreeBSD 
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
 2016-12-09 19:32:07 +03:00
Drew DeVault d93e53fd4b Use return value of write 2016-12-06 09:10:16 -05:00
Drew DeVault 979878d8af Decrement expected_len 2016-12-04 10:55:11 -05:00
Drew DeVault cb0ca3c301 Change name of ld-library-path cmake variable 2016-12-04 10:20:15 -05:00
Drew DeVault 49fe25c106 Mention setcap in manual install instructions 2016-12-04 09:59:25 -05:00
Drew DeVault 1d39c22a38 Add link to security features issue in readme 2016-12-04 09:52:38 -05:00
Drew DeVault 1a509dcc29 Fix to sway-security(7) 2016-12-04 09:49:13 -05:00
Drew DeVault cdecf3c495 Drop restart command from sanity check 
Since we don't actually have one of those
 2016-12-04 09:37:24 -05:00
Drew DeVault 6604bb67ea Fix minor issues with default security config 2016-12-04 09:12:31 -05:00
D.B 35b8d185ac fix layout switching (was broken because of workspace_layout) 
For workspace containers, swayc_change_layout also changes ->layout alongside
->workspace_layout when it's a sensible thing to do. There is an additional test
for 'layout toggle' command which ensures that containers will be tiled
horizontally after toggling from tabbed or stacked.
 2016-12-04 08:31:34 -05:00
D.B 4762bcb3b9 wrap some views under workspaces 
If workspace layout is set to tabbed or stacked, its C_VIEW children
should get wrapped in a container. Alongside that, move_container was
modified to retain previous functionality.
 2016-12-04 08:31:34 -05:00
D.B 6fb4b6737a add workspace_layout to container 
Add swayc_change_layout function, which changes either layout or
workspace_layout, depending on the container type.
 2016-12-04 08:31:34 -05:00
Drew DeVault 5778c59a2f Merge pull request #981 from SirCmpwn/security 
Security features
 2016-12-04 08:30:40 -05:00
Drew DeVault e7a764fdf4 Disallow everything by default 
And update config.d/security to configure sane defaults
 2016-12-03 12:38:42 -05:00
Drew DeVault 93d99f3712 Fix use-after-free 2016-12-02 18:57:10 -05:00
Drew DeVault d2d6fcd1ff Fix clang issues 2016-12-02 18:38:31 -05:00
Drew DeVault 8577095db7 Check for CAP_SYS_PTRACE 2016-12-02 18:37:01 -05:00
Drew DeVault d353da248b Add ipc connection feature policy controls 2016-12-02 18:09:19 -05:00
Drew DeVault 62dad7148f Enforce IPC security policy 2016-12-02 17:55:03 -05:00
Drew DeVault c8dc4925d1 Add IPC security policy command handlers 2016-12-02 17:34:26 -05:00
Drew DeVault e9e1a6a409 Add IPC policy to config 
Also reduces enum abuse, cc @minus7
 2016-12-02 16:08:45 -05:00
Drew DeVault 0a1b211e09 Drop -Denable-binding-event 2016-12-02 16:01:33 -05:00
Drew DeVault 25a4a85a59 Run config files through sed and install to /etc 2016-12-02 15:56:36 -05:00
Drew DeVault 751e6d2ab2 Clarify lock permission consequences 2016-12-02 10:34:17 -05:00
Drew DeVault 0c8dc0e6df Clarify that executable has to be a full path 2016-12-02 10:32:08 -05:00
Drew DeVault c61746a15b Soften up environment security 
So no one gets their feewings hurt
 2016-12-02 10:29:50 -05:00
Drew DeVault a4e92ad272 Deal with LD_LIBRARY_PATH 2016-12-02 10:23:30 -05:00
Drew DeVault 1a143e601b Clarify when keyboard/mouse features work 2016-12-02 10:17:53 -05:00
Drew DeVault 4d312f753c Add docs on what features sway programs require 2016-12-02 10:13:06 -05:00
Drew DeVault 3dbeb9c35c Add sway-security(7) 2016-12-02 10:05:43 -05:00
Drew DeVault 10c2125040 Unset LD_PRELOAD on startup (before dropping root) 
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
 2016-12-02 08:47:47 -05:00
Drew DeVault 04fc10feeb Flesh out security_sanity_check 2016-12-02 08:42:26 -05:00
Drew DeVault 39cf9a82f7 Enforce command policies 2016-12-02 08:17:45 -05:00
Drew DeVault f23880b1fd Add support for command policies in config file 2016-12-02 08:10:03 -05:00
Drew DeVault 0d395681fe Enforce mouse permissions 2016-12-01 22:11:48 -05:00
Drew DeVault 8aeeacf178 Enforce keyboard permissions 2016-12-01 22:09:33 -05:00
Drew DeVault ffdbb9d050 Enforce fullscreen permissions 2016-12-01 22:03:36 -05:00
Drew DeVault dc4b57c868 Shut Clang up 2016-12-01 21:58:38 -05:00