> On Dec. 15, 2014, 2:39 p.m., David Edmundson wrote: > > So basically we have a named pipe and we we pass back the wID of the lock > > screen to ksld? > > > > I'm not sure what benefit we have from using Wayland as the protocol as > > opposed to a private p2p DBus session or just writing it out as a simple > > integer on a socket..but I can't see any harm either. > > > > +1
> So basically we have a named pipe and we we pass back the wID of the lock > screen to ksld? yes > I'm not sure what benefit we have from using Wayland as the protocol as > opposed to a private p2p DBus session or just writing it out as a simple > integer on a socket..but I can't see any harm either. one of the reasons is that I want to extend it to support more. E.g. with the protocol in place we can move the authentication to ksld. This makes integer on a socket a non-solution. Also we would have to add all the security like proper parsing whether it's an integer and so onl Concerning p2p DBus: I do not see a way on how one could pass the connection and ensure no other client connects to it except the expected one. This is possible in the KWayland case - you can see that there are validations in several places. > On Dec. 15, 2014, 2:39 p.m., David Edmundson wrote: > > ksmserver/screenlocker/waylandserver.cpp, line 44 > > <https://git.reviewboard.kde.org/r/121429/diff/2/?file=333348#file333348line44> > > > > FYI you end up calling this twice. Though it doesn't seem like that > > will cause a problem. I just added it in the dtor as a safety measure and stop is deliberately implemented in a way that it doesn't matter. - Martin ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://git.reviewboard.kde.org/r/121429/#review72044 ----------------------------------------------------------- On Dec. 15, 2014, 10:29 a.m., Martin Gräßlin wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://git.reviewboard.kde.org/r/121429/ > ----------------------------------------------------------- > > (Updated Dec. 15, 2014, 10:29 a.m.) > > > Review request for Plasma, Àlex Fiestas and David Edmundson. > > > Repository: plasma-workspace > > > Description > ------- > > The screenlocker_greet needs to tell the parent ksld process which > windows it created. Ksld sends input events to these windows. So > far this was based on an X property on the window. Unfortunately > ksld didn't validate whether the windows tagged with this property > belong to the screenlocker_greet process it started. > > With this change the communication for announcing windows is moved > away from the X11 protocol and instead a custom Wayland protocol is > used. > > Ksld starts a KWaylandServer when the greet process gets started. It > creates anonymous unix sockets for the connection and passes one > filedescriptor to the started greeter process. > > The check for the X property is removed in ksld and instead only > windows ids passed through the Wayland socket connection are > accepted. > > > Diffs > ----- > > ksmserver/screenlocker/ksldapp.cpp 22698ce37e9d4be17126111b3ded8133f7c3baa6 > ksmserver/screenlocker/lockwindow.h > 9938d201269c89a24c9c0bd6275aa5f731bb5535 > ksmserver/screenlocker/lockwindow.cpp > 3aa963a59e21636862f5ca59e220bbea3bd41ff9 > ksmserver/screenlocker/protocols/ksld.xml PRE-CREATION > ksmserver/screenlocker/waylandserver.h PRE-CREATION > ksmserver/screenlocker/waylandserver.cpp PRE-CREATION > ksmserver/screenlocker/greeter/greeterapp.h > b92b13b63365a9026dba5d71b772dcd8c9ee3d3b > ksmserver/screenlocker/greeter/greeterapp.cpp > 30d1821bdba38028959f3457e900a1b32e628192 > ksmserver/screenlocker/greeter/main.cpp > 12e570107d0cba851b8978131d730b27924529bb > ksmserver/screenlocker/ksldapp.h 095424c9845c134aa156917aeb6c8ddf31e8d25a > CMakeLists.txt c6d89c14b05f5639937aee5692d305fa2faed974 > ksmserver/screenlocker/CMakeLists.txt > 5378a10df2be70cee95b5612c23046eae639f610 > ksmserver/screenlocker/greeter/CMakeLists.txt > 10c473488f08354096f68784b9240392a444af5f > > Diff: https://git.reviewboard.kde.org/r/121429/diff/ > > > Testing > ------- > > Running ksmserver with the patch. Lock/unlock working, my exploit is failing. > > > Thanks, > > Martin Gräßlin > >
_______________________________________________ Plasma-devel mailing list Plasma-devel@kde.org https://mail.kde.org/mailman/listinfo/plasma-devel
