On Fri, 29 Jun 2018 10:46:16 +0200 Markus Ongyerth <[email protected]> wrote:
> Urgh, of course I forget to mention something when I write mails. > > This is current RFC quality, not actual patch. Should this be something > people > are interested in, I think it should live mostly in connection.c and be > supported by both -server and -client libraries. > > I'm also not sure whether the supplied whitelist approach is the best way to > go, or this should be a blacklist in practice. > > On 2018/6月/29 10:43, [email protected] wrote: > > From: Markus Ongyerth <[email protected]> > > > > Add environment variable WAYLAND_DEBUG_INTERFACES for filtering the > > output of WAYLAND_DEBUG logs. > > While WAYLAND_DEBUG is a pretty powerful and useful debug tool, printing > > everything has a few downsides. > > > > 1) It's a full keylogger (getting debug-logs from users) > > 2) It can be overly spammy with wl_buffer/wl_surface actions (e.g. when > > playing a video)) > > > > With this addition it's possible to supply another environment > > variable, to filter on the interfaces one is interested in. > > E.g. when interested in the behaviour of xdg-shell popups the filter could > > be > > WAYLAND_DEBUG_INTERFACES=xdg_positioner,xdg_surface,xdg_popup > > greatly improving SNR on the output and hiding potentially sensitive > > information such as keystrokes. > > --- > > src/wayland-client.c | 85 +++++++++++++++++++++++++++++++++++++++++--- > > 1 file changed, 81 insertions(+), 4 deletions(-) Hi, I'm not fond of this. Whether it is a white-list or a black-list, it will be hard to use. You cannot be sure which interfaces will actually be interesting, which is likely to result in asking the user to trace multiple times trying to get the filter right. There might be interfaces you didn't know of existing. It is much better to capture everything and filter while you analyze the dump. For example, you almost always need wl_surface messages, because so many things get latched in on wl_surface.commit. I'm not concerned about the keylogger aspect much. Presumably most use cases are relatively fast to reproduce so the user can simply avoid inputting anything sensitive, knowing that e.g. key presses will be logged (the developer asking for a log should note this if there is any danger of leaking sensitive data). libwayland also does not understand the interfaces, so any kind of more intelligent analysis must be done with other tools. We do have middle-man protocol logger tools. If key logging is a concern, I would suggest to have a middle-man logger enhanced to censor the key codes in key events. Thanks, pq
pgp635NlhzXji.pgp
Description: OpenPGP digital signature
_______________________________________________ wayland-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/wayland-devel
