security-context: implement protocol

fixes #7318
author: Vaxry <[email protected]> 2024-10-06 14:07:07 +0100
committer: Vaxry <[email protected]> 2024-10-06 14:07:07 +0100
commit: da86aac0f5c5c3604351961b901f62cdf7186a10 (patch)
tree: cffe015c9899d699d401301018a430b5ab39e8a7 /src/Compositor.cpp
parent: 0c7a7e2d569eeed9d6025f3eef4ea0690d90845d (diff)
download: Hyprland-da86aac0f5c5c3604351961b901f62cdf7186a10.tar.gz
Hyprland-da86aac0f5c5c3604351961b901f62cdf7186a10.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/src/Compositor.cpp b/src/Compositor.cpp
index b4d10c88..f00e1e34 100644
--- a/src/Compositor.cpp
+++ b/src/Compositor.cpp
@@ -24,6 +24,7 @@
 #include "protocols/LayerShell.hpp"
 #include "protocols/XDGShell.hpp"
 #include "protocols/XDGOutput.hpp"
+#include "protocols/SecurityContext.hpp"
 #include "protocols/core/Compositor.hpp"
 #include "protocols/core/Subcompositor.hpp"
 #include "desktop/LayerSurface.hpp"
@@ -211,10 +212,21 @@ void CCompositor::setRandomSplash() {
 static std::vector<SP<Aquamarine::IOutput>> pendingOutputs;
 
 //
+
+static bool filterGlobals(const wl_client* client, const wl_global* global, void* data) {
+    if (!PROTO::securityContext->isClientSandboxed(client))
+        return true;
+
+    return !g_pProtocolManager || !g_pProtocolManager->isGlobalPrivileged(global);
+}
+
+//
 void CCompositor::initServer(std::string socketName, int socketFd) {
 
     m_sWLDisplay = wl_display_create();
 
+    wl_display_set_global_filter(m_sWLDisplay, ::filterGlobals, nullptr);
+
     m_sWLEventLoop = wl_display_get_event_loop(m_sWLDisplay);
 
     // register crit signal handler
author	Vaxry <[email protected]>	2024-10-06 14:07:07 +0100
committer	Vaxry <[email protected]>	2024-10-06 14:07:07 +0100
commit	da86aac0f5c5c3604351961b901f62cdf7186a10 (patch)
tree	cffe015c9899d699d401301018a430b5ab39e8a7 /src/Compositor.cpp
parent	0c7a7e2d569eeed9d6025f3eef4ea0690d90845d (diff)
download	Hyprland-da86aac0f5c5c3604351961b901f62cdf7186a10.tar.gz Hyprland-da86aac0f5c5c3604351961b901f62cdf7186a10.zip