Comment 3 for bug 1211141
Revision history for this message
| Daniel van Vugt (vanvugt) wrote Re: Unity system compositor allows connections from any Mir client | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
513534c
demo site
(Get the code!)
I think we made the critical mistake of designing a solution in the bug description. All we should do is ensure the permissions are restricted on the server socket file. So other users/daemons can't display things.
If however a "malicious program" is running as yourself, then you're already compromised, and already screwed.
I just want to make sure the desktop user still has permission to run a native Mir client on their own desktop. That's really important for us to triage bugs, and has been so far.