Wayland security contexts demo

general high-level discussion about spectrum
 help / color / mirror / Atom feed

From: Alyssa Ross <hi@alyssa.is>
To: discuss@spectrum-os.org
Cc: Puck Meerburg <puck@puckipedia.com>
Subject: Wayland security contexts demo
Date: Mon, 03 Oct 2022 09:14:54 +0000	[thread overview]
Message-ID: <87czb9tgj5.fsf@alyssa.is> (raw)

[-- Attachment #1: Type: text/plain, Size: 1302 bytes --]

Puck has created a video demonstrating the work she's been doing with
the in-development Wayland security-context protocol [1], which allows a
Wayland compositor to distinguish between applications running in
different sandboxes (e.g. in different VMs).

The video is available at

	https://diode.zone/w/2n3kKNNjXFkSWUwyjT3hgt

Or alternatively,

	magnet:?xt=urn:btih:f340dfd391be0cabbb0638eb8af6659214c5d821&dn=puck%27s%20video%20720p.mp4&tr=https%3A%2F%2Fdiode.zone%2Ftracker%2Fannounce&ws=https%3A%2F%2Fdiode.zone%2Fstatic%2Fstreaming-playlists%2Fhls%2F0b093345-a100-4051-b4c3-37292af48c81%2F176adb94-167a-4cb7-b954-a09b301c4d80-720-fragmented.mp4

As part of this work, she updated the draft wlroots and Sway
implementations to support the latest proposed version of the protocol,
exposed the security context information to Sway configuration hooks,
and created a draft crosvm implementation of exposing security context
information to the compositor.

There's some more information in Puck's post to the Spectrum development
mailing list. [2]

Thanks to NLnet and NGI Zero for funding this project.

[1]: https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/68
[2]: https://spectrum-os.org/lists/archives/spectrum-devel/5cf20f6f-9d89-4cf9-9154-6dd3c9310c06@app.fastmail.com/

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

                 reply	other threads:[~2022-10-03  9:36 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87czb9tgj5.fsf@alyssa.is \
    --to=hi@alyssa.is \
    --cc=discuss@spectrum-os.org \
    --cc=puck@puckipedia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).