nixpkgs-suyu/pkgs/desktops/plasma-5/kwin/0001-Lower-CAP_SYS_NICE-from-the-ambient-set.patch
Alois Wohlschlager f238a0a093
kwin: don't leak CAP_SYS_NICE
The capability wrapper raises CAP_SYS_NICE into the ambient set. As a
result, not only is kwin_wayland itself granted that capability, but
also all applications started by it (even transitively, i.e. the entire
desktop environment). While CAP_SYS_NICE is not a particularly dangerous
capability, that behaviour is still not great; furthermore it's annoying
because it breaks programs checking that they are not granted any
capabilities (e.g. bubblewrap).

Fix this behaviour by adding a patch that causes kwin_wayland to lower
CAP_SYS_NICE from the ambient capability set at startup. That way,
expected upstream behaviour is restored.
2022-08-07 19:12:37 +02:00

40 lines
1.2 KiB
Diff

From 232e480ab1303f37d37d295b57fdcbb6b6648bca Mon Sep 17 00:00:00 2001
From: Alois Wohlschlager <alois1@gmx-topmail.de>
Date: Sun, 7 Aug 2022 16:12:31 +0200
Subject: [PATCH] Lower CAP_SYS_NICE from the ambient set
The capabilities wrapper raises CAP_SYS_NICE into the ambient set so it
is inherited by the wrapped program. However, we don't want it to leak
into the entire desktop environment.
Lower the capability again at startup so that the kernel will clear it
on exec.
---
src/main_wayland.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/main_wayland.cpp b/src/main_wayland.cpp
index 1720e14e7..f2bb446b0 100644
--- a/src/main_wayland.cpp
+++ b/src/main_wayland.cpp
@@ -39,7 +39,9 @@
#include <QWindow>
#include <qplatformdefs.h>
+#include <linux/capability.h>
#include <sched.h>
+#include <sys/prctl.h>
#include <sys/resource.h>
#include <iomanip>
@@ -285,6 +287,7 @@ static QString automaticBackendSelection()
int main(int argc, char *argv[])
{
+ prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_LOWER, CAP_SYS_NICE, 0, 0);
KWin::Application::setupMalloc();
KWin::Application::setupLocalizedString();
KWin::gainRealTime();
--
2.37.1