wayland: prevent unprivileged clients from binding secure globals

2022-05-07 19:59:51 +02:00 · 2022-05-07 19:59:51 +02:00 · 1e9cc60693
commit 1e9cc60693
parent 6c9e058c3f
2 changed files with 13 additions and 7 deletions
--- a/src/globals.rs
+++ b/src/globals.rs
@ -174,8 +174,16 @@ impl Globals {
        self.broadcast(state, global.secure(), |r| r.send_global(&global));
    }

-    pub fn get(&self, name: GlobalName) -> Result<Rc<dyn Global>, GlobalsError> {
-        self.take(name, false)
+    pub fn get(
+        &self,
+        name: GlobalName,
+        allow_secure: bool,
+    ) -> Result<Rc<dyn Global>, GlobalsError> {
+        let global = self.take(name, false)?;
+        if global.secure() && !allow_secure {
+            return Err(GlobalsError::GlobalDoesNotExist(name));
+        }
+        Ok(global)
    }

    pub fn remove<T: WaylandGlobal>(&self, state: &State, global: &T) -> Result<(), GlobalsError> {
--- a/src/ifs/wl_registry.rs
+++ b/src/ifs/wl_registry.rs
@ -44,11 +44,9 @@ impl WlRegistry {

    fn bind(&self, parser: MsgParser<'_, '_>) -> Result<(), WlRegistryError> {
        let bind: Bind = self.client.parse(self, parser)?;
-        let global = self
-            .client
-            .state
-            .globals
-            .get(GlobalName::from_raw(bind.name))?;
+        let name = GlobalName::from_raw(bind.name);
+        let globals = &self.client.state.globals;
+        let global = globals.get(name, self.client.secure)?;
        if global.interface().name() != bind.interface {
            return Err(WlRegistryError::InvalidInterface(InterfaceError {
                name: global.name(),