security/hakurei
6
3
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

app: tag ACL operations for revert

Browse Source 
ACL operations are now tagged with the enablement causing them. At the end of child process's life, enablements of all remaining launchers are resolved and inverted. This allows Wait to only revert operations targeting resources no longer required by other launchers.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
Ophestra
2024-10-10 14:33:58 +09:00
parent 86cb5ac1db
commit a3aadd4146
4 changed files with 72 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/app/share.display.go
View File

@@ -42,7 +42,7 @@ func (seal *appSeal) shareDisplay() error {
seal.appendEnv(waylandDisplay, wpi)
// ensure Wayland socket ACL (e.g. `/run/user/%d/wayland-%d`)
seal.sys.updatePerm(wp, acl.Read, acl.Write, acl.Execute)
seal.sys.updatePermTag(state.EnableWayland, wp, acl.Read, acl.Write, acl.Execute)
}
}