aboutsummaryrefslogtreecommitdiff
path: root/sway/sway-security.7.txt
diff options
context:
space:
mode:
authorDrew DeVault <sir@cmpwn.com>2016-12-02 10:29:50 -0500
committerDrew DeVault <sir@cmpwn.com>2016-12-02 10:29:50 -0500
commitc61746a15b78bcd22ca473345ff164ff2c9de973 (patch)
tree34d5d16ec773c124877d8255e22a8b20947ca438 /sway/sway-security.7.txt
parenta4e92ad2723a9c33c029f90f8a2af054bf74e1ce (diff)
Soften up environment security
So no one gets their feewings hurt
Diffstat (limited to 'sway/sway-security.7.txt')
-rw-r--r--sway/sway-security.7.txt11
1 files changed, 4 insertions, 7 deletions
diff --git a/sway/sway-security.7.txt b/sway/sway-security.7.txt
index b6f18e80..ec11f10b 100644
--- a/sway/sway-security.7.txt
+++ b/sway/sway-security.7.txt
@@ -39,12 +39,9 @@ you choose to place it in other locations.
Environment security
--------------------
-LD_PRELOAD is a mechanism designed by GNU for the purpose of ruining the security
-of your system. One of the many ways LD_PRELOAD kills security is by making
-Wayland keyloggers possible.
-
-There are a number of strategies for dealing with this but they all suck a little.
-In order of most practical to least practical:
+LD_PRELOAD is a mechanism designed to ruin the security of your system. There are
+a number of strategies for dealing with this but they all suck a little. In order
+of most practical to least practical:
1. Only run important programs via exec. Sway's exec command will ensure that
LD_PRELOAD is unset when running programs.
@@ -54,7 +51,7 @@ In order of most practical to least practical:
but this is the most effective solution.
3. Use static linking for important programs. Of course statically linked programs
- are unaffected by the security dumpster fire that is dynamic linking.
+ are unaffected by the dynamic linking security dumpster fire.
Note that should you choose method 1, you MUST ensure that sway itself isn't
compromised by LD_PRELOAD. It probably isn't, but you can be sure by setting