Add patch to strip blacklisted variables from autostart applications environment

https://gitlab.gnome.org/GNOME/gnome-session/merge_requests/27

0001-autostart-app-Strip-blacklisted-variables-from-autos.patch

@@ -0,0 +1,70 @@
+From 60e619b8a2cacc7b844fe6f0e206c895de68f890 Mon Sep 17 00:00:00 2001
+From: Benjamin Berg <bberg@redhat.com>
+Date: Mon, 7 Oct 2019 22:47:24 +0200
+Subject: [PATCH] autostart-app: Strip blacklisted variables from autostart
+ environment
+
+So far the blacklisted variables were not actively striped from the
+environment of XDG autostart applications. Update the code to explicitly
+unset the variables, preventing e.g. NOTIFY_SOCKET to be leaked to
+children.
+
+Fixes: #36
+---
+ gnome-session/gsm-autostart-app.c | 5 +++++
+ gnome-session/gsm-util.c          | 6 ++++++
+ gnome-session/gsm-util.h          | 1 +
+ 3 files changed, 12 insertions(+)
+
+diff --git a/gnome-session/gsm-autostart-app.c b/gnome-session/gsm-autostart-app.c
+index 01ba5f9a..6fd5915a 100644
+--- a/gnome-session/gsm-autostart-app.c
++++ b/gnome-session/gsm-autostart-app.c
+@@ -997,6 +997,7 @@ autostart_app_start_spawn (GsmAutostartApp *app,
+         gboolean         success;
+         GError          *local_error;
+         const char      *startup_id;
++        const char * const *variable_blacklist;
+         const char * const *child_environment;
+         int i;
+         GAppLaunchContext *ctx;
+@@ -1013,6 +1014,10 @@ autostart_app_start_spawn (GsmAutostartApp *app,
+         local_error = NULL;
+         ctx = g_app_launch_context_new ();
+ 
++        variable_blacklist = gsm_util_get_variable_blacklist ();
++        for (i = 0; variable_blacklist[i] != NULL; i++)
++                g_app_launch_context_unsetenv (ctx, variable_blacklist[i]);
++
+         child_environment = gsm_util_listenv ();
+         for (i = 0; child_environment[i] != NULL; i++) {
+                 char **environment_tuple;
+diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
+index ada12253..02bc4a57 100644
+--- a/gnome-session/gsm-util.c
++++ b/gnome-session/gsm-util.c
+@@ -808,3 +808,9 @@ gsm_util_listenv (void)
+         return (const char * const *) child_environment;
+ 
+ }
++
++const char * const *
++gsm_util_get_variable_blacklist (void)
++{
++        return variable_blacklist;
++}
+diff --git a/gnome-session/gsm-util.h b/gnome-session/gsm-util.h
+index 8bca5f4d..bd7b6986 100644
+--- a/gnome-session/gsm-util.h
++++ b/gnome-session/gsm-util.h
+@@ -50,6 +50,7 @@ char *      gsm_util_generate_startup_id            (void);
+ void        gsm_util_setenv                         (const char *variable,
+                                                      const char *value);
+ const char * const * gsm_util_listenv               (void);
++const char * const * gsm_util_get_variable_blacklist(void);
+ 
+ gboolean    gsm_util_export_activation_environment  (GError     **error);
+ #ifdef HAVE_SYSTEMD
+-- 
+2.23.0
+

gnome-session.spec

@@ -9,7 +9,7 @@
 
 Name: gnome-session
 Version: 3.34.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: GNOME session manager
 
 License: GPLv2+
@@ -26,6 +26,8 @@ Patch4: 0001-check-accelerated-gles-Use-eglGetPlatformDisplay-EXT.patch
 Patch5: 0001-Add-support-for-new-ConfirmedRebootToBootOptions-sig.patch
 Patch6: 0002-Fedora-Set-grub-boot-flags-on-shutdown-reboot.patch
 
+Patch10: 0001-autostart-app-Strip-blacklisted-variables-from-autos.patch
+
 BuildRequires: meson
 BuildRequires: gcc
 BuildRequires: pkgconfig(egl)
@@ -129,6 +131,10 @@ Desktop file to add GNOME on wayland to display manager session menu.
 %{_userunitdir}/gnome-session*
 
 %changelog
+* Tue Oct 08 2019 Benjamin Berg <bberg@redhat.com> - 3.34.1-2
+- Add patch to strip blacklisted variables from autostart applications environment
+  https://gitlab.gnome.org/GNOME/gnome-session/merge_requests/27
+
 * Mon Oct 07 2019 Kalev Lember <klember@redhat.com> - 3.34.1-1
 - Update to 3.34.1