mirrors/sway
1
0
Fork 0
mirror of https://github.com/swaywm/sway.git synced 2025-11-05 13:29:51 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add ipc connection feature policy controls

Browse source
This commit is contained in:
Drew DeVault 2016-12-02 18:08:15 -05:00
parent 62dad7148f
commit d353da248b
6 changed files with 34 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

21
sway/ipc-server.c
View file

@ -15,6 +15,7 @@
#include <libinput.h>
#include "sway/ipc-json.h"
#include "sway/ipc-server.h"
#include "sway/security.h"
#include "sway/config.h"
#include "sway/commands.h"
#include "sway/input.h"
@ -124,6 +125,17 @@ struct sockaddr_un *ipc_user_sockaddr(void) {
return ipc_sockaddr;
}
static pid_t get_client_pid(int client_fd) {
struct ucred ucred;
socklen_t len = sizeof(struct ucred);
if (getsockopt(client_fd, SOL_SOCKET, SO_PEERCRED, &ucred, &len) == -1) {
return -1;
}
return ucred.pid;
}
int ipc_handle_connection(int fd, uint32_t mask, void *data) {
(void) fd; (void) data;
sway_log(L_DEBUG, "Event on IPC listening socket");
@ -142,6 +154,15 @@ int ipc_handle_connection(int fd, uint32_t mask, void *data) {
return 0;
}
pid_t pid = get_client_pid(client_fd);
if (!(get_feature_policy(pid) & FEATURE_IPC)) {
sway_log(L_INFO, "Permission to connect to IPC socket denied to %d", pid);
const char *error = "{\"success\": false, \"message\": \"Permission denied\"}";
write(client_fd, &error, sizeof(error));
close(client_fd);
return 0;
}
struct ipc_client* client = malloc(sizeof(struct ipc_client));
client->payload_length = 0;
client->fd = client_fd;