From 18a4ded30771240916454bfcfa4fb037b539f9ff Mon Sep 17 00:00:00 2001 From: David Edmundson Date: Wed, 6 Nov 2019 13:39:58 +0000 Subject: [PATCH] [wayland] Fix sha check of filtered applications Summary: We have a sha check rather than just readlink as an app in a mount namespace could have an executable with the same path as an exectuable on the host system that we trust. This became overly complicated to solve an issue that didn't exist. sha(/proc/PID/exe) does resolve to what is currently running even if sha(readlink(/proc/PID/exe) does not as /proc is magic. This patch compares the root file system as kwin sees it to the running exe. See later comments on D22571 Reviewers: fvogt Reviewed By: fvogt Subscribers: kwin Tags: #kwin Differential Revision: https://phabricator.kde.org/D25169 --- wayland_server.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wayland_server.cpp b/wayland_server.cpp index 2cce2c5efa..e92d634b44 100644 --- a/wayland_server.cpp +++ b/wayland_server.cpp @@ -221,7 +221,7 @@ public: } bool isTrustedOrigin(KWayland::Server::ClientConnection *client) const { - const auto fullPathSha = sha256(QStringLiteral("/proc/") + QString::number(client->processId()) + QLatin1String("/root") + client->executablePath()); + const auto fullPathSha = sha256(client->executablePath()); const auto localSha = sha256(QLatin1String("/proc/") + QString::number(client->processId()) + QLatin1String("/exe")); const bool trusted = !localSha.isEmpty() && fullPathSha == localSha;