From a3c07273ba5c1f786271655ebd47468b1a225e9c Mon Sep 17 00:00:00 2001 From: Johannes Lundberg Date: Tue, 11 Jul 2017 10:56:07 +0200 Subject: [PATCH] Add secucity config for FreeBSD. --- security.d/10-freebsd.in | 12 ++++++++++++ sway/CMakeLists.txt | 4 ++++ 2 files changed, 16 insertions(+) create mode 100644 security.d/10-freebsd.in diff --git a/security.d/10-freebsd.in b/security.d/10-freebsd.in new file mode 100644 index 00000000..de405f70 --- /dev/null +++ b/security.d/10-freebsd.in @@ -0,0 +1,12 @@ +# sway security rules +# +# FreeBSD does not support getting client PID from server side +# so we can not know the path to the client's binary. +# +# The solution for now is to be permissive and allow all +# features by default for any client. + +# Configures enabled compositor features for specific programs +permit * fullscreen keyboard mouse background screenshot panel lock + + diff --git a/sway/CMakeLists.txt b/sway/CMakeLists.txt index bf0b2e7f..61c22b84 100644 --- a/sway/CMakeLists.txt +++ b/sway/CMakeLists.txt @@ -93,6 +93,10 @@ endfunction() add_config(config config sway) add_config(00-defaults security.d/00-defaults sway/security.d) +if (CMAKE_SYSTEM_NAME STREQUAL FreeBSD) + add_config(10-freebsd security.d/10-freebsd sway/security.d) +endif (CMAKE_SYSTEM_NAME STREQUAL FreeBSD) + if (A2X_FOUND) add_manpage(sway 1) add_manpage(sway 5)