Closed rpigott closed 1 year ago
Making secure_getenv
optional sounds fine to me, as long as it's an explicit, non-default flag passed by the application, and not controlled externally. I believe gdm had some issues with this as well.
I think it would be better for the flag to be explicit, e.g. XKB_CONTEXT_NO_SECURE_GETENV
. This would only control whether the library uses secure_getenv
or getenv
.
Looking at the code, it should be possible to thread a context flag to all places which call secure_getenv
currently (for libxkbregistry, the rxkb context). So we'll replace secure_getenv
calls with a xkb_context_getenv
which consults the flag (and same for rxkb).
Would you like to send a patch for this?
xref #129
Sure, I can send that patch.
Thanks, I think it will help us too :) https://lxr.kde.org/source/plasma/kwin/src/xkb.cpp#0180
0179 /**
0180 * libxkbcommon uses secure_getenv to read the XKB_DEFAULT_* variables.
0181 * As kwin_wayland may have the CAP_SET_NICE capability, it returns nullptr
0182 * so we need to do it ourselves (see xkb_context_sanitize_rule_names).
0183 **/
0184 void Xkb::applyEnvironmentRules(xkb_rule_names &ruleNames)
Hi there.
I'm working on sway, which uses CAP_SYS_NICE to gain realtime priority. This has the unfortunate side-effect of borking
xkb_context_include_path_append_default
because secure_getenv refuses to read $HOME, $XDG_CONFIG_HOME, etc. and this is a hassle to avoid.I would be interested in maybe a XKB_CONTEXT_YES_DEFAULT_INCLUDES flag (opposite of XKB_CONTEXT_NO_DEFAULT_INCLUDES) that would add these default configs using getenv on request. Sway doesn't support suid operation so I believe there would be no security risk to create our xkb context with such a flag.
Related: swaywm/sway#7311