xpra icon
Bug tracker and wiki

This bug tracker and wiki are being discontinued
please use https://github.com/Xpra-org/xpra instead.

Opened 8 years ago

Last modified 17 months ago

#622 assigned enhancement

seccomp security support

Reported by: Antoine Martin Owned by: Antoine Martin
Priority: minor Milestone: future
Component: core Version:
Keywords: Cc:

Description (last modified by Antoine Martin)

See libseccomp.

It shouldn't be too hard to wrap this in ctypes or Cython.

After we have started the server, created its log file, the vfb and all the clients, there is no need for having permission to create any more (as long as we can still send signals to clients). (the only exception might be the setxkbmap call we still make to setup the keyboard for new clients, the client code has already had this replaced with native xkb calls in r6931, alternatively we can look at xkbcommon #371)

Client side, the same caveat applies: we currently have a setxkbmap fallback, which we could probably get rid of.

Change History (4)

comment:1 Changed 8 years ago by Antoine Martin

Description: modified (diff)
Owner: changed from Antoine Martin to Antoine Martin
Status: newassigned

comment:2 Changed 8 years ago by Antoine Martin

Found that there are already some nice Cython bindings in libseccomp: python/seccomp.pyx - they're just not packaged anywhere, but since the license is LGPL, we can just copy it into our source tree for now.

Hurdles for implementation:

  • the keyboard code needs to be done natively (which will just re-use the X11 connection)
  • if used, the password file has to be read on start - some other authentication modules may cause problems
  • opencl and nvenc will cause us problems: they spawn processes (bytecode compilers) and open devices..

Maybe the proxy instance process is a good candidate, as it does nothing but forward data between already opened connections. (except for the nvenc / opencl case...)

comment:3 Changed 7 years ago by Antoine Martin

Milestone: 0.15future

And we now have the ability to start new commands on the fly, etc..

Too much of a moving target.

comment:4 Changed 17 months ago by migration script

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/622

Note: See TracTickets for help on using tickets.