As we're all aware by now, libfinite 0.7.0 added the gamepad api. This API for the most part works great.
There is a major security flaw in it however.
Right now, the on system implementation uses raw ioctl and read events to register input. To do this, processes need to act as a privileged users (root). Obviously, this is problematic as it's difficult to restrict what the program can do if they are in fact, running as root.
Addressing this is a major concern and we should ensure that this attack surface is properly addressed before the next minor libfinite release (0.8.0). The solution is likely to create an IPC service of some kind that can run as root and act as a middleman between unprevileged processes and their clients. This may also address the "inputWatcher" problem where input must be read on a seperate thread.
As we're all aware by now, libfinite 0.7.0 added the gamepad api. This API for the most part works great.
There is a major security flaw in it however.
Right now, the on system implementation uses raw ioctl and read events to register input. To do this, processes need to act as a privileged users (root). Obviously, this is problematic as it's difficult to restrict what the program can do if they are in fact, running as root.
Addressing this is a major concern and we should ensure that this attack surface is properly addressed before the next minor libfinite release (0.8.0). The solution is likely to create an IPC service of some kind that can run as root and act as a middleman between unprevileged processes and their clients. This may also address the "inputWatcher" problem where input must be read on a seperate thread.