protocol-native: don't allow recursive security context

Place the engine name in pipewire.sec.context and make sure that a
client with a pipewire.sec.context property can't make new contexts.
Wim Taymans 2024-02-08 13:01:13 +01:00
parent e7846fc12a
commit d250f6932c
3 changed files with 41 additions and 4 deletions


@ -73,7 +73,8 @@ struct pw_security_context_methods {
* \param engine_name a unique sandbox engine name.
* \param listen_fd the fd to listen on for new connections
* \param close_fd the fd used to stop listening
* \param props extra (engine_name specific) properties.
* \param props extra (engine_name specific) properties. These will be
* copied on the client that connects through this context.
*
* See https://gitlab.freedesktop.org/wayland/wayland-protocols/-/blob/main/staging/security-context/engines.md
* For a list of engine_names and the properties to set.
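Review bot: The updated `\param props` text says the properties are copied onto the connecting client, but it leaves out the two behaviours the commit message describes: the engine name is stored in `pipewire.sec.context`, and a client that already carries that property cannot create a new context. I would extend the comment with something like `* The engine_name is set as pipewire.sec.context on the connecting client; a client that already has pipewire.sec.context cannot create a new context.` and name the error the call returns in that case. The implementation is not part of this section, so it is worth confirming there that a caller-supplied `pipewire.sec.context` entry in props cannot replace the value set by the protocol when the props are copied. The doc comment begins and ends outside the hunk.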


@ -39,6 +39,7 @@ extern "C" {
#define PW_KEY_SEC_LABEL "pipewire.sec.label" /**< client security label, set by protocol*/
#define PW_KEY_SEC_SOCKET "pipewire.sec.socket" /**< client socket name, set by protocol */
#define PW_KEY_SEC_CONTEXT "pipewire.sec.context" /**< client secure context, set by protocol */
#define PW_KEY_LIBRARY_NAME_SYSTEM "library.name.system" /**< name of the system library to use */
#define PW_KEY_LIBRARY_NAME_LOOP "library.name.loop" /**< name of the loop library to use */