This will cause most applications to disallow changing the file and also
add some visual indication about the view being read only. This will
avoid making the changes that would be discarded later.
QubesOS/qubes-issues#1118
Implement option to disallow (ignore in fact) modifications of file
opened in another VM (including DispVM).
This commit implements actual services part and handling in wrapping scripts.
FixesQubesOS/qubes-issues#1118
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.
The other side expects a fixed size though, so pad with NULs.
Interestingly, the original code was not vulnerable as it was
callocing enough space.
