9a5b09cd7f
- save_restore_token: use create_new(true) + mode(0o600) for exclusive atomic file creation, preventing symlink attacks and predictable temp file exploitation - token_path: return Option, eliminate insecure /tmp fallback - load_restore_token: reject insecure files (symlinks, wrong owner, group/world-readable permissions) - Directory creation uses DirBuilderExt::mode(0o700) bypassing umask - Added verify_secure_dir and ensure_secure_parent with full metadata validation (owner, permissions, symlink rejection) - Added 11 regression tests covering all security scenarios
34 lines
978 B
TOML
34 lines
978 B
TOML
[package]
|
|
name = "wl-webrtc"
|
|
version = "0.1.0"
|
|
edition = "2021"
|
|
description = "Wayland screen capture and encoding tool"
|
|
|
|
[dependencies]
|
|
wayland-client = "0.31"
|
|
wayland-protocols = { version = "0.32", features = ["client", "unstable"] }
|
|
wayland-protocols-wlr = { version = "0.3", features = ["client"] }
|
|
ffmpeg-next = "8"
|
|
mio = { version = "1.0", features = ["os-poll", "os-ext"] }
|
|
signal-hook = "0.3"
|
|
signal-hook-mio = { version = "0.2", features = ["support-v1_0"] }
|
|
clap = { version = "4", features = ["derive"] }
|
|
tracing = "0.1"
|
|
tracing-subscriber = "0.3"
|
|
anyhow = "1"
|
|
drm = "0.12"
|
|
drm-fourcc = "2"
|
|
libc = "0.2"
|
|
ashpd = { version = "0.13", features = ["tokio", "screencast"] }
|
|
zbus = { version = "5", default-features = false, features = ["tokio"] }
|
|
tokio = { version = "1", features = ["rt"] }
|
|
pipewire = { version = "0.9", features = ["v0_3_45"] }
|
|
libspa = "0.9"
|
|
crossbeam-channel = "0.5"
|
|
str0m = "0.20"
|
|
serde_json = "1"
|
|
dirs = "6"
|
|
|
|
[dev-dependencies]
|
|
tempfile = "3.27.0"
|