From b19ee1a7e39cf7fb4acd6ecaa15b2e55830cc1ad Mon Sep 17 00:00:00 2001 From: Sebastian Wick Date: Thu, 6 Jul 2023 20:10:38 +0200 Subject: security-context-v1: Document out of band metadata for flatpak and specify when the invalid_metadata error will be sent. Signed-off-by: Sebastian Wick --- staging/security-context/engines.md | 6 +++++- staging/security-context/security-context-v1.xml | 5 +++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/staging/security-context/engines.md b/staging/security-context/engines.md index dc5452a..3a7d13f 100644 --- a/staging/security-context/engines.md +++ b/staging/security-context/engines.md @@ -1,7 +1,8 @@ # security-context-v1 engines This document describes how some specific engine implementations populate the -metadata in security-context-v1. +metadata in security-context-v1 and provide further metadata with out of band +mechanisms. ## [Flatpak] @@ -11,4 +12,7 @@ metadata in security-context-v1. * `instance_id` is the Flatpak instance ID of the running sandbox. It is always set. +More metadata is stored in `$XDG_RUNTIME_DIR/.flatpak/$instance_id/info`. This +file will be readable when `wp_security_context_v1.commit` is called. + [Flatpak]: https://flatpak.org/ diff --git a/staging/security-context/security-context-v1.xml b/staging/security-context/security-context-v1.xml index c5de6cb..e38d009 100644 --- a/staging/security-context/security-context-v1.xml +++ b/staging/security-context/security-context-v1.xml @@ -163,6 +163,11 @@ Atomically register the new client and attach the security context metadata. + If the provided metadata is inconsistent or does not match with out of + band metadata (see + https://gitlab.freedesktop.org/wayland/wayland-protocols/-/blob/main/staging/security-context/engines.md), + the invalid_metadata error may be sent eventually. + It's a protocol error to send any request other than "destroy" after this request. In this case, the already_used error is sent. -- cgit v1.2.3