fix: audit fixes — D-Bus sender validation, fp lifecycle, multi-monitor caching (v0.6.0)
Close the only exploitable auth bypass: validate VerifyStatus signal sender against fprintd's unique bus name. Fix fingerprint D-Bus lifecycle so devices are properly released on verify-match and async restarts check the running flag between awaits. Security: num_msg guard in PAM callback, symlink rejection for background_path, peek icon disabled, TOML parse errors logged, panic hook before logging. Performance: blur and avatar textures cached across monitors, release profile with LTO/strip.
+21
-6
@@ -86,6 +86,10 @@ fn activate_with_session_lock(
|
||||
app_clone.quit();
|
||||
});
|
||||
|
||||
// Shared caches for multi-monitor — first monitor renders, rest reuse
|
||||
let blur_cache: Rc<RefCell<Option<gdk::Texture>>> = Rc::new(RefCell::new(None));
|
||||
let avatar_cache: Rc<RefCell<Option<gdk::Texture>>> = Rc::new(RefCell::new(None));
|
||||
|
||||
// Create all monitor windows immediately — no D-Bus calls here
|
||||
let mut all_handles = Vec::new();
|
||||
let mut created_any = false;
|
||||
@@ -99,6 +103,8 @@ fn activate_with_session_lock(
|
||||
config,
|
||||
app,
|
||||
unlock_callback.clone(),
|
||||
&blur_cache,
|
||||
&avatar_cache,
|
||||
);
|
||||
lock.assign_window_to_monitor(&handles.window, &monitor);
|
||||
handles.window.present();
|
||||
@@ -160,11 +166,15 @@ fn activate_without_lock(
|
||||
app_clone.quit();
|
||||
});
|
||||
|
||||
let blur_cache = Rc::new(RefCell::new(None));
|
||||
let avatar_cache = Rc::new(RefCell::new(None));
|
||||
let handles = lockscreen::create_lockscreen_window(
|
||||
bg_texture,
|
||||
config,
|
||||
app,
|
||||
unlock_callback,
|
||||
&blur_cache,
|
||||
&avatar_cache,
|
||||
);
|
||||
handles.window.set_default_size(800, 600);
|
||||
handles.window.present();
|
||||
@@ -176,10 +186,16 @@ fn activate_without_lock(
|
||||
}
|
||||
|
||||
fn setup_logging() {
|
||||
systemd_journal_logger::JournalLog::new()
|
||||
.unwrap()
|
||||
.install()
|
||||
.unwrap();
|
||||
match systemd_journal_logger::JournalLog::new() {
|
||||
Ok(logger) => {
|
||||
if let Err(e) = logger.install() {
|
||||
eprintln!("Failed to install journal logger: {e}");
|
||||
}
|
||||
}
|
||||
Err(e) => {
|
||||
eprintln!("Failed to create journal logger: {e}");
|
||||
}
|
||||
}
|
||||
log::set_max_level(log::LevelFilter::Info);
|
||||
}
|
||||
|
||||
@@ -195,6 +211,7 @@ fn install_panic_hook() {
|
||||
}
|
||||
|
||||
fn main() {
|
||||
install_panic_hook();
|
||||
setup_logging();
|
||||
|
||||
// Root check — moonlock should not run as root
|
||||
@@ -202,8 +219,6 @@ fn main() {
|
||||
log::error!("Moonlock should not run as root");
|
||||
std::process::exit(1);
|
||||
}
|
||||
|
||||
install_panic_hook();
|
||||
log::info!("Moonlock starting");
|
||||
|
||||
// Register compiled GResources
|
||||
|
||||
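Review bot: In the rewritten `setup_logging`, a failed `JournalLog::new()` or `install()` leaves the process with no logger installed, so every later `log::` call is silently discarded, including `log::error!("Moonlock should not run as root")` right before `std::process::exit(1)` in `main`. The only trace of that state is one `eprintln!`, which is lost if whatever launches the locker does not capture stderr. Continuing without a logger looks deliberate for a lock screen, so I would state it on the function, e.g. `/// Best-effort: if the journal is unavailable the locker still starts, but later log::* output is discarded.`, and mirror the root-check message with `eprintln!("Moonlock should not run as root");`. `install_panic_hook()` now runs before the logger exists and its body is outside these hunks; if the hook reports through `log`, the same gap would apply to early panics.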