X11, Wayland: only give access to the current display, not all of them
authorRalf Jung <post@ralfj.de>
Mon, 15 Apr 2024 14:09:16 +0000 (16:09 +0200)
committerRalf Jung <post@ralfj.de>
Mon, 15 Apr 2024 14:14:17 +0000 (16:14 +0200)
profiles.py

index 69445f444f91110597c9614724ed8c9fb589bcc3..18c3116517f828a71b8e2d8ecf0d477bcb775d9b 100644 (file)
@@ -42,10 +42,12 @@ def DESKTOP(name):
       "dev": {
         ("dri", "snd"): Access.Device,
       },
       "dev": {
         ("dri", "snd"): Access.Device,
       },
-      "/tmp/.X11-unix/": Access.Read,
+      "/tmp/.X11-unix/": {
+        "X"+os.environ["DISPLAY"].removeprefix(":"): Access.Read,
+      },
       os.environ["XAUTHORITY"]: Access.Read,
       XDG_RUNTIME_DIR: {
       os.environ["XAUTHORITY"]: Access.Read,
       XDG_RUNTIME_DIR: {
-        ("wayland*", "pulse"): Access.Read,
+        (os.environ["WAYLAND_DISPLAY"], "pulse"): Access.Read,
       },
     }),
     # Access to some key user configuration
       },
     }),
     # Access to some key user configuration