2014/1/3 Maarten Baert <maarten-ba...@hotmail.com>: > > So far your protocol sounded secure, but I think this is where it breaks > down. You're leaving the Wayland server open to a confused deputy attack, > and also a social engineering attack.
And also please consider the following "hammer-based" attack. A piece of malware could repeatedly try to launch something privileged. It looks like this. A polkit agent dialog appears, which is modal in most cases. The user says "No". The dialog immediately appears again. The user says "No". The dialog appears until the user authorizes the malware to do its bad thing. Of course this is not specific to Wayland or Weston, please run this piece of pseudo-malware to see what I mean: while ! pkexec bash ; do echo "Too bad" ; done So my opinion is that polkit dialogs should be avoided, or should have some protection against this. -- Alexander E. Patrakov _______________________________________________ wayland-devel mailing list wayland-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/wayland-devel