diff options
author | Drew DeVault <sir@cmpwn.com> | 2016-12-02 10:29:50 -0500 |
---|---|---|
committer | Drew DeVault <sir@cmpwn.com> | 2016-12-02 10:29:50 -0500 |
commit | c61746a15b78bcd22ca473345ff164ff2c9de973 (patch) | |
tree | 34d5d16ec773c124877d8255e22a8b20947ca438 /sway/sway-security.7.txt | |
parent | a4e92ad2723a9c33c029f90f8a2af054bf74e1ce (diff) |
Soften up environment security
So no one gets their feewings hurt
Diffstat (limited to 'sway/sway-security.7.txt')
-rw-r--r-- | sway/sway-security.7.txt | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/sway/sway-security.7.txt b/sway/sway-security.7.txt index b6f18e80..ec11f10b 100644 --- a/sway/sway-security.7.txt +++ b/sway/sway-security.7.txt @@ -39,12 +39,9 @@ you choose to place it in other locations. Environment security -------------------- -LD_PRELOAD is a mechanism designed by GNU for the purpose of ruining the security -of your system. One of the many ways LD_PRELOAD kills security is by making -Wayland keyloggers possible. - -There are a number of strategies for dealing with this but they all suck a little. -In order of most practical to least practical: +LD_PRELOAD is a mechanism designed to ruin the security of your system. There are +a number of strategies for dealing with this but they all suck a little. In order +of most practical to least practical: 1. Only run important programs via exec. Sway's exec command will ensure that LD_PRELOAD is unset when running programs. @@ -54,7 +51,7 @@ In order of most practical to least practical: but this is the most effective solution. 3. Use static linking for important programs. Of course statically linked programs - are unaffected by the security dumpster fire that is dynamic linking. + are unaffected by the dynamic linking security dumpster fire. Note that should you choose method 1, you MUST ensure that sway itself isn't compromised by LD_PRELOAD. It probably isn't, but you can be sure by setting |