https://bugs.freedesktop.org/show_bug.cgi?id=84817
--- Comment #3 from [email protected] --- Sorry about the incomplete comment. I edited the title while drafting one, and hit save. As for WAYLAND_SOCKET, if the user needs child processes, that will probably be a bit unusable. It might also be possible for the setuid helper to setup a bind mount to the socket if it's not possible to make the Wayland server listen on two sockets, but that might be a bit too hackish, as the setuid helper will need to run again when the Wayland server dies to clean up the mounts. At the very least, if the target user knows the XDG_RUNTIME_DIR and WAYLAND_DISPLAY, you can set permissions for the user on the XDG_RUNTIME_DISPLAY, and WAYLAND_DISPLAY socket file, and then have the user symlink to it in their XDG_RUNTIME_DIR. This requires the user to have execute permissions on the XDG_RUNTIME_DIR. (Either chmod 711, or just grant x permissions with setfacl to the target user). If they know the file names of other files in XDG_RUNTIME_DIR, they will be able to have permissions to them, (mostly 755). -- You are receiving this mail because: You are the assignee for the bug.
_______________________________________________ wayland-bugs mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/wayland-bugs
