Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-10-06 | Fix swaylock w/shadow on glibc, improve security | Drew DeVault | |
Today I learned that GNU flaunts the POSIX standard in yet another creative way. Additionally, this adds some security improvements, namely: - Zeroing out password buffers in the privileged child process - setuid/setgid after reading /etc/shadow | |||
2018-10-06 | swaylock: Support keyboard and pointer disconnects and reconnects | Ryan Dwyer | |
2018-09-30 | Add support for installing binaries with DT_RPATH | Arkadiusz Hiler | |
It's better to use DT_RPATH dynamic section of the elf binary to store the paths of libraries to load instead of overwriting LD_LIBRARY_PATH for the whole environment, causing surprises. This solution is much more transparent and perfectly suitable for running contained installations of wayland/wlroots/sway. The code unsetting the LD_LIBRARY_PATH/LD_PRELOAD was also deleted as it's a placebo security at best - we should trust the execution path that leads us to running sway, and it's way too late to care about those variables since we already started executing our compositor, thus we would be compromised anyway. | |||
2018-09-30 | Turn funcs() into funcs(void) | Arkadiusz Hiler | |
If they really do not take undefined number of arguments. | |||
2018-09-28 | Add support for building swaylock without PAM | Drew DeVault | |
This involves setuid'ing swaylock, which then forks and drops perms on the parent process. The child process remains root and listens on a pipe for requests to validate passwords against /etc/shadow. | |||
2018-09-22 | swaybar, swaylock, & tree/container: Set cairo font options to render text ↵ | Geoff Greer | |
and lines with subpixel hinting (if available). | |||
2018-08-30 | Add FreeBSD-specific PAM configuration | sghctoma | |
The "login" PAM configuration means somathing entirely different on FreeBSD than on Linux: if you try to authenticate as the calling user, it OKs the request without prompting for password. The "passwd" config implements the desired functionality, therefore it should be used by swaylock. | |||
2018-07-17 | Fix swaylock arguments | Brian Ashworth | |
2018-07-16 | Switch to using getopt_long for config flag | Brian Ashworth | |
2018-07-16 | Remove leftover parens | Brian Ashworth | |
2018-07-16 | Remove int cast after changing to size_t | Brian Ashworth | |
2018-07-16 | Change to size_t in swaylock's get_config_path | Brian Ashworth | |
2018-07-16 | Implement swaylock configuration file parsing | Brian Ashworth | |
2018-07-10 | Change formatting of swaylock usage in the code | Brian Ashworth | |
2018-07-10 | Implement swaylock customization flags | Brian Ashworth | |
2018-07-09 | Update for swaywm/wlroots#1126 | emersion | |
2018-07-07 | swaylock: daemonize after locking | emersion | |
2018-07-07 | swaylock: fix the displaying of "verified" | Dominique Martinet | |
Displaying verified after damaging state needs more than one roundtrip, so keep looping until surfaces are not dirty anymore | |||
2018-07-07 | Detect opaque lockscreen when using a solid color | Ryan Dwyer | |
2018-07-07 | Use infinite opaque region in swaylock | Ryan Dwyer | |
2018-07-07 | Use opaque region to determine if frame done should be sent | Ryan Dwyer | |
2018-07-04 | Fix transparency in background images in swaylock | Bor Grošelj Simić | |
2018-07-04 | Fix #1857 | Bor Grošelj Simić | |
2018-07-02 | swaylock daemonize: fix leak of devnull fd | Dominique Martinet | |
2018-06-08 | swaylock: implement ^U to clear buffer | Dominique Martinet | |
The whole state->xcb.modifiers thing didn't work at all (always 0) The xkb doc says "[xkb_state_serialize_mods] should not be used in regular clients; please use the xkb_state_mod_*_is_active API instead" so here it is | |||
2018-05-27 | swaylock: implement a proper render loop | emersion | |
2018-05-25 | Delete old asciidoc man pages | emersion | |
2018-05-23 | swaylock: remove unused field | emersion | |
2018-05-23 | swaylock: don't try to render unconfigured surfaces | emersion | |
2018-05-23 | Merge branch 'master' into fix-swaylock-hotplugging | emersion | |
2018-05-20 | Swaylock: Use calloc instead of malloc | Ryan Dwyer | |
2018-05-20 | Swaylock: Log error if multiple images are defined for the same output | Ryan Dwyer | |
2018-05-20 | Swaylock: Allow per-output images | Ryan Dwyer | |
2018-05-18 | Fix output hotplugging | emersion | |
2018-05-18 | Fix swaylock crashing when unplugging output | emersion | |
2018-05-11 | Add swaylock(1) and swaymsg(1) | Drew DeVault | |
2018-04-24 | Improved key handling in swaylock | Mattias Eriksson | |
Make escape clear buffer Add indicator states for ctrl,shift,super et al Add CapsLock indicator | |||
2018-04-20 | [swaylock] Install pam module | Bruno Pinto | |
2018-04-12 | swaylock: Securely zero-out password. | Geoff Greer | |
- Replace char* with static array. Any chars > 1024 will be discarded. - mlock() password buffer so it can't be written to swap. - Clear password buffer after auth succeeds or fails. This is basically the same treatment I gave the 0.15 branch in https://github.com/swaywm/sway/pull/1519 | |||
2018-04-05 | Error handling in swaylock daemonize() | Drew DeVault | |
Fixes #1741 | |||
2018-04-04 | Address review feedback from @emersion | Drew DeVault | |
2018-04-04 | exit() needs stdlib.h | Drew DeVault | |
inb4 acrisci | |||
2018-04-04 | Import stdlib.h and define POSIX macro for rand() | Drew DeVault | |
2018-04-04 | Move extra roundtrip into password.c | Drew DeVault | |
2018-04-04 | Add hidpi support to swaylock | Drew DeVault | |
2018-04-04 | Implement input-inhibit in sway, swaylock | Drew DeVault | |
2018-04-04 | Actually let's not do that TODO | Drew DeVault | |
2018-04-04 | R E N D E R I N G | Drew DeVault | |
2018-04-04 | Verify passwords | Drew DeVault | |
2018-04-04 | Add password buffer, refactor rendering/surfaces | Drew DeVault | |