[wayland] Fix sha check of filtered applications

Summary: We have a sha check rather than just readlink as an app in a mount namespace could have an executable with the same path as an exectuable on the host system that we trust. This became overly complicated to solve an issue that didn't exist. sha(/proc/PID/exe) does resolve to what is currently running even if sha(readlink(/proc/PID/exe) does not as /proc is magic. This patch compares the root file system as kwin sees it to the running exe. See later comments on D22571 Reviewers: fvogt Reviewed By: fvogt Subscribers: kwin Tags: #kwin Differential Revision: https://phabricator.kde.org/D25169
2019-11-06 13:39:58 +00:00 · 2019-11-06 13:39:58 +00:00 · 18a4ded307
parent 8c1589404d
commit 18a4ded307
1 changed files with 1 additions and 1 deletions
--- a/wayland_server.cpp
+++ b/wayland_server.cpp
@ -221,7 +221,7 @@ public:
    }

    bool isTrustedOrigin(KWayland::Server::ClientConnection *client) const {
-        const auto fullPathSha = sha256(QStringLiteral("/proc/") + QString::number(client->processId()) + QLatin1String("/root") + client->executablePath());
+        const auto fullPathSha = sha256(client->executablePath());
        const auto localSha = sha256(QLatin1String("/proc/") + QString::number(client->processId()) + QLatin1String("/exe"));
        const bool trusted = !localSha.isEmpty() && fullPathSha == localSha;