From 1eade910bedf94a8737e2e26082b66020451adbd Mon Sep 17 00:00:00 2001 From: Linus Johansen Date: Sun, 22 May 2022 20:25:59 +0200 Subject: [PATCH] Started work on a findings file documenting our research --- FINDINGS.md | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 FINDINGS.md diff --git a/FINDINGS.md b/FINDINGS.md new file mode 100644 index 0000000..defd48e --- /dev/null +++ b/FINDINGS.md @@ -0,0 +1,26 @@ +# Findings. + +This is basically a summary of our findings whilst trying to become +totally independent of root access. + +## Seat + +One of our first suggestions where opening a seat to get access to the +keyboard and other input devices. After a lot of research we concluded +this path unviable. This is going to be technical. + +So basically when a process asks the systems seat manager if they could +open a seat they indirectly ask to take control of the whole session. + +Well in simple terms it means if we go ahead and implement seat support +the compositor/display server can't access a keyboard and mouse anymore +totally breaking normal expected compositor behaviour. Big nono. + +## Pkexec + +Pkexec is our current solution... (Somebody else do this i have no idea.) + +## Polkit + +Polkit is a solution we have considered... (Somebody else do this i have +no idea.)