| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-06-12 | Merge branch 'lukeshu/postmove' into 'lukeshu/master' | Luke Shumaker | |
| 2016-06-09 | ./move.sh | Luke Shumaker | |
| 2016-06-09 | # Rename "Linux Boot Manager" -> "Systemd Boot Manager"systemd/v230-3.parabola1 | Luke Shumaker | |
| sed -i 's|Linux Boot Manager|Systemd Boot Manager|' src/boot/bootctl.c | |||
| 2016-06-09 | FSDG: systemd-resolved: Default to hostname "gnu-linux" instead of "linux" | Luke Shumaker | |
| 2016-06-09 | FSDG: os-release: Default to NAME "GNU/Linux" instead of "Linux". | Luke Shumaker | |
| 2016-06-09 | FSDG: os-release: Default to PRETTY_NAME "GNU/Linux" instead of "Linux". | Luke Shumaker | |
| 2016-06-09 | systemctl: fix return values on successsystemd/v230-3 | Christian Hesse | |
| 2016-06-09 | {machine,system}ctl: always pass &changes and &n_changes (#3350) | Christian Hesse | |
| We have to pass addresses of changes and n_changes to bus_deserialize_and_dump_unit_file_changes(). Otherwise we are hit by missing information (subsequent calls to unit_file_changes_add() to not add anything). Also prevent null pointer dereference in bus_deserialize_and_dump_unit_file_changes() by asserting. Fixes #3339 | |||
| 2016-06-09 | Revert "rules: allow users to access frame buffer devices" (#3333) | Zbigniew Jędrzejewski-Szmek | |
| This reverts commit 483d8bbb4c0190f419bf9fba57fb0feb1a56bea6. In [1] Michel Dänzer and Daniel Vetter wrote: >> The scenario you describe isn't possible if the Wayland compositor >> directly uses the KMS API of /dev/dri/card*, but it may be possible if >> the Wayland compositor uses the fbdev API of /dev/fb* instead (e.g. if >> weston uses its fbdev backend). > > Yeah, if both weston and your screen grabber uses native fbdev API you can > now screenshot your desktop. And since fbdev has no concept of "current > owner of the display hw" like the drm master, I think this is not fixable. > At least not just in userspace. Also even with native KMS compositors > fbdev still doesn't have the concept of ownership, which is why it doesn't > bother clearing it's buffer before KMS takes over. I agree that this > should be reverted or at least hidden better. TBH, I think that privilege separation between processes running under the same UID is tenuous. Even with drm, in common setups any user process can ptrace the "current owner of the display" and call DROP_MASTER or do whatever. It *is* possible to prevent that, e.g. by disabling ptrace using yama.ptrace_scope, or selinux, and so on, but afaik this is not commonly done. E.g. all Fedora systems pull in elfutils-default-yama-scope.rpm through dependencies which sets yama.ptrace_scope=0. And even assuming that ptrace was disabled, it is trivial to modify files on disk, communicate through dbus, etc; there is just to many ways for a non-sandboxed process to interact maliciously with the display shell to close them all off. To achieve real protection, some sort of sandboxing must be implemented, and in that case there is no need to rely on access mode on the device files, since much more stringent measures have to be implemented anyway. The situation is similar for framebuffer devices. It is common to add framebuffer users to video group to allow them unlimited access to /dev/fb*. Using uaccess would be better solution in that case. Also, since there is no "current owner" limitation like in DRM, processes running under the same UID should be able to access /proc/<pid-of-display-server>/fd/* and gain access to the devices. Nevertheless, weston implements a suid wrapper to access the devices and then drop privileges, and this patch would make this daemon pointless. So if the weston developers feel that this change reduces security, I prefer to revert it. [1] https://lists.freedesktop.org/archives/wayland-devel/2016-May/029017.html | |||
| 2016-06-09 | stuff | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | missed some | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| # Conflicts: # src/Makefile # src/grp-boot/Makefile # src/grp-coredump/Makefile # src/grp-machine/Makefile # src/libsystemd/libsystemd-internal/subdir.mk # src/libudev/Makefile | |||
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | f | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| # Conflicts: # build-aux/Makefile.each.tail/20-systemd.mk # build-aux/Makefile.once.head/20-systemd.mk # build-aux/Makefile.once.tail/20-systemd.mk # config.mk.in # src/busctl/Makefile # src/grp-boot/bootctl/Makefile # src/grp-boot/systemd-boot/Makefile # src/grp-coredump/coredumpctl/Makefile # src/grp-coredump/systemd-coredump/Makefile # src/grp-machine/libmachine-core/Makefile # src/grp-machine/nss-mymachines/Makefile # src/libbasic/Makefile # src/libfirewall/Makefile # src/libshared/Makefile # src/libsystemd/Makefile # src/libsystemd/libsystemd-internal/Makefile # src/libsystemd/libsystemd-journal-internal/Makefile # src/libudev/src/Makefile # src/systemd-nspawn/Makefile | |||
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | Makefile tidy | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | stuff | Luke Shumaker | |
| 2016-06-07 | stuff | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | stuff | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | stuff | Luke Shumaker | |
| 2016-06-07 | grp-boot | Luke Shumaker | |
| 2016-06-07 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| # Conflicts: # src/systemd-nspawn/Makefile | |||
| 2016-06-07 | ./move.sh | Luke Shumaker | |
| 2016-06-07 | stuff | Luke Shumaker | |
| 2016-06-06 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| # Conflicts: # src/libsystemd/libsystemd-internal/Makefile | |||
| 2016-06-06 | move things | Luke Shumaker | |
| 2016-06-06 | ./move.sh | Luke Shumaker | |
| 2016-06-06 | stuff | Luke Shumaker | |
| 2016-06-06 | add missing at.depdirs | Luke Shumaker | |
| 2016-06-06 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| # Conflicts: # src/coredump/coredumpctl.c # src/coredumpctl/coredumpctl.c # src/systemd-coredump/coredumpctl.c | |||
| 2016-06-06 | ./move.sh | Luke Shumaker | |
| 2016-06-06 | move things | Luke Shumaker | |
| 2016-06-06 | busctl | Luke Shumaker | |
| 2016-06-06 | tidy | Luke Shumaker | |
| 2016-06-06 | oops | Luke Shumaker | |
| 2016-06-06 | tidy | Luke Shumaker | |
| 2016-06-06 | stuff | Luke Shumaker | |
| 2016-06-06 | libudev, systemd-nspawn | Luke Shumaker | |
| 2016-06-04 | stuff | Luke Shumaker | |
| 2016-06-02 | Merge branch 'lukeshu/postmove' into lukeshu/master | Luke Shumaker | |
| 2016-06-02 | ./move.sh | Luke Shumaker | |
 |
index : ~lukeshu/systemd | |
| Unnamed repository; edit this file 'description' to name the repository. | git-mirror |
| summaryrefslogtreecommitdiff |