From 906c0766df2fec4bd32c316fd1b0d46fded5fc84 Mon Sep 17 00:00:00 2001
From: Scott Anderson <scott@anderso.nz>
Date: Tue, 28 Apr 2020 20:44:05 +1200
Subject: Remove libcap support

This is simply a false sense of security, and is worse than just using
setuid. CAP_SYS_ADMIN is an extremely serious capability that is
effectively as powerful as root.

It also required users to be in the input group, which allows any
process to keylog the entire system.
---
 meson_options.txt | 1 -
 1 file changed, 1 deletion(-)

(limited to 'meson_options.txt')

diff --git a/meson_options.txt b/meson_options.txt
index ae6f5c0b..894113e7 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -1,4 +1,3 @@
-option('libcap', type: 'feature', value: 'auto', description: 'Enable support for rootless session via capabilities (cap_sys_admin)')
 option('logind', type: 'feature', value: 'auto', description: 'Enable support for rootless session via logind')
 option('logind-provider', type: 'combo', choices: ['auto', 'systemd', 'elogind'], value: 'auto', description: 'Provider of logind support library')
 option('xcb-errors', type: 'feature', value: 'auto', description: 'Use xcb-errors util library')
-- 
cgit v1.2.3