pogmommy/swayfx
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4557 commits 17 branches 8 tags 44 MiB
Commit graph

2711 commits

Author SHA1 Message Date
Drew DeVault
d859f825d3 Fix build error 2016-12-15 19:01:41 -05:00
Drew DeVault
63d96c1bb4 Fix indentation issues 2016-12-15 19:01:41 -05:00
Drew DeVault
10c8b73075 Handle calloc failures 2016-12-15 19:01:41 -05:00
Drew DeVault
a2b9149656 Add remaining sway allocation failure handling 2016-12-15 19:01:41 -05:00
Drew DeVault
7784f1a905 Handle allocation failures in security code 
Note that such errors are generally going to be fatal
 2016-12-15 19:01:41 -05:00
Drew DeVault
31b002b6d5 Handle IPC server allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault
8cef81d6f2 Handle some more memory allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault
d75a747a3d Handle config-related allocation failures 2016-12-15 19:01:41 -05:00
Drew DeVault
248df18c24 Handle allocation failure in commands 2016-12-15 19:01:40 -05:00
Drew DeVault
8691ff1b63 Handle border-related malloc failures 2016-12-15 19:01:40 -05:00
Drew DeVault
4c6c65e70c Handle malloc failures from read_line 2016-12-15 19:01:40 -05:00
Greg V
da26d69cb1 Fix build on FreeBSD 
- Make sure CMake always finds absolute paths for Cairo, Pango and GdkPixbuf
- Add forgotten json-c include path to swaymsg/CMakeLists.txt
- Disable -Werror because of assert warnings
- Add correct /proc/pid/file path for FreeBSD
- Use libepoll-shim on FreeBSD
- Only use Linux capabilities on, well, Linux
 2016-12-09 19:32:07 +03:00
Drew DeVault
d93e53fd4b Use return value of write 2016-12-06 09:10:16 -05:00
Drew DeVault
979878d8af Decrement expected_len 2016-12-04 10:55:11 -05:00
Drew DeVault
1a509dcc29 Fix to sway-security(7) 2016-12-04 09:49:13 -05:00
Drew DeVault
cdecf3c495 Drop restart command from sanity check 
Since we don't actually have one of those
 2016-12-04 09:37:24 -05:00
D.B
35b8d185ac fix layout switching (was broken because of workspace_layout) 
For workspace containers, swayc_change_layout also changes ->layout alongside
->workspace_layout when it's a sensible thing to do. There is an additional test
for 'layout toggle' command which ensures that containers will be tiled
horizontally after toggling from tabbed or stacked.
 2016-12-04 08:31:34 -05:00
D.B
4762bcb3b9 wrap some views under workspaces 
If workspace layout is set to tabbed or stacked, its C_VIEW children
should get wrapped in a container. Alongside that, move_container was
modified to retain previous functionality.
 2016-12-04 08:31:34 -05:00
D.B
6fb4b6737a add workspace_layout to container 
Add swayc_change_layout function, which changes either layout or
workspace_layout, depending on the container type.
 2016-12-04 08:31:34 -05:00
Drew DeVault
e7a764fdf4 Disallow everything by default 
And update config.d/security to configure sane defaults
 2016-12-03 12:38:42 -05:00
Drew DeVault
93d99f3712 Fix use-after-free 2016-12-02 18:57:10 -05:00
Drew DeVault
d2d6fcd1ff Fix clang issues 2016-12-02 18:38:31 -05:00
Drew DeVault
8577095db7 Check for CAP_SYS_PTRACE 2016-12-02 18:37:01 -05:00
Drew DeVault
d353da248b Add ipc connection feature policy controls 2016-12-02 18:09:19 -05:00
Drew DeVault
62dad7148f Enforce IPC security policy 2016-12-02 17:55:03 -05:00
Drew DeVault
c8dc4925d1 Add IPC security policy command handlers 2016-12-02 17:34:26 -05:00
Drew DeVault
e9e1a6a409 Add IPC policy to config 
Also reduces enum abuse, cc @minus7
 2016-12-02 16:08:45 -05:00
Drew DeVault
0a1b211e09 Drop -Denable-binding-event 2016-12-02 16:01:33 -05:00
Drew DeVault
25a4a85a59 Run config files through sed and install to /etc 2016-12-02 15:56:36 -05:00
Drew DeVault
751e6d2ab2 Clarify lock permission consequences 2016-12-02 10:34:17 -05:00
Drew DeVault
0c8dc0e6df Clarify that executable has to be a full path 2016-12-02 10:32:08 -05:00
Drew DeVault
c61746a15b Soften up environment security 
So no one gets their feewings hurt
 2016-12-02 10:29:50 -05:00
Drew DeVault
a4e92ad272 Deal with LD_LIBRARY_PATH 2016-12-02 10:23:30 -05:00
Drew DeVault
1a143e601b Clarify when keyboard/mouse features work 2016-12-02 10:17:53 -05:00
Drew DeVault
4d312f753c Add docs on what features sway programs require 2016-12-02 10:13:06 -05:00
Drew DeVault
3dbeb9c35c Add sway-security(7) 2016-12-02 10:05:43 -05:00
Drew DeVault
10c2125040 Unset LD_PRELOAD on startup (before dropping root) 
LD_PRELOAD enables keyloggers to easily be made. This solution isn't
perfect - really a secure system wouldn't have LD_PRELOAD at all. It was
a stupid idea in the first place.
 2016-12-02 08:47:47 -05:00
Drew DeVault
04fc10feeb Flesh out security_sanity_check 2016-12-02 08:42:26 -05:00
Drew DeVault
39cf9a82f7 Enforce command policies 2016-12-02 08:17:45 -05:00
Drew DeVault
f23880b1fd Add support for command policies in config file 2016-12-02 08:10:03 -05:00
Drew DeVault
0d395681fe Enforce mouse permissions 2016-12-01 22:11:48 -05:00
Drew DeVault
8aeeacf178 Enforce keyboard permissions 2016-12-01 22:09:33 -05:00
Drew DeVault
ffdbb9d050 Enforce fullscreen permissions 2016-12-01 22:03:36 -05:00
Drew DeVault
dc4b57c868 Shut Clang up 2016-12-01 21:58:38 -05:00
Drew DeVault
21e1b2bef3 Add security checks for background, panel, lock 2016-12-01 21:51:07 -05:00
Drew DeVault
76cab04b4d Implement permit and reject commands 2016-12-01 21:36:43 -05:00
Drew DeVault
1a8a42f372 Memory leak 2016-12-01 20:39:35 -05:00
Drew DeVault
2675293200 Implement policy lookups 2016-12-01 19:58:11 -05:00
Drew DeVault
44cc0ef125 Add config related code and initial headers 2016-12-01 19:38:36 -05:00
Drew DeVault
5831f7ab68 Write example security config, start on code 2016-12-01 19:27:35 -05:00