Add patch to strip blacklisted variables from autostart applications environment

https://gitlab.gnome.org/GNOME/gnome-session/merge_requests/27
2019-10-08 16:35:52 +02:00 · 2019-10-08 16:35:52 +02:00 · 656c556d76
commit 656c556d76
parent 3fcbe36109
2 changed files with 77 additions and 1 deletions
--- a/0001-autostart-app-Strip-blacklisted-variables-from-autos.patch
+++ b/0001-autostart-app-Strip-blacklisted-variables-from-autos.patch
@ -0,0 +1,70 @@
 From 60e619b8a2cacc7b844fe6f0e206c895de68f890 Mon Sep 17 00:00:00 2001
 From: Benjamin Berg <bberg@redhat.com>
 Date: Mon, 7 Oct 2019 22:47:24 +0200
 Subject: [PATCH] autostart-app: Strip blacklisted variables from autostart
 environment
 So far the blacklisted variables were not actively striped from the
 environment of XDG autostart applications. Update the code to explicitly
 unset the variables, preventing e.g. NOTIFY_SOCKET to be leaked to
 children.
 Fixes: #36
 ---
 gnome-session/gsm-autostart-app.c | 5 +++++
 gnome-session/gsm-util.c          | 6 ++++++
 gnome-session/gsm-util.h          | 1 +
 3 files changed, 12 insertions(+)
 diff --git a/gnome-session/gsm-autostart-app.c b/gnome-session/gsm-autostart-app.c
 index 01ba5f9a..6fd5915a 100644
 --- a/gnome-session/gsm-autostart-app.c
 +++ b/gnome-session/gsm-autostart-app.c
@@ -997,6 +997,7 @@ autostart_app_start_spawn (GsmAutostartApp *app,
         gboolean         success;
         GError          *local_error;
         const char      *startup_id;
 +        const char * const *variable_blacklist;
         const char * const *child_environment;
         int i;
         GAppLaunchContext *ctx;
@@ -1013,6 +1014,10 @@ autostart_app_start_spawn (GsmAutostartApp *app,
         local_error = NULL;
         ctx = g_app_launch_context_new ();
 +        variable_blacklist = gsm_util_get_variable_blacklist ();
 +        for (i = 0; variable_blacklist[i] != NULL; i++)
 +                g_app_launch_context_unsetenv (ctx, variable_blacklist[i]);
 +
         child_environment = gsm_util_listenv ();
         for (i = 0; child_environment[i] != NULL; i++) {
                 char **environment_tuple;
 diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
 index ada12253..02bc4a57 100644
 --- a/gnome-session/gsm-util.c
 +++ b/gnome-session/gsm-util.c
@@ -808,3 +808,9 @@ gsm_util_listenv (void)
         return (const char * const *) child_environment;
 }
 +
 +const char * const *
 +gsm_util_get_variable_blacklist (void)
 +{
 +        return variable_blacklist;
 +}
 diff --git a/gnome-session/gsm-util.h b/gnome-session/gsm-util.h
 index 8bca5f4d..bd7b6986 100644
 --- a/gnome-session/gsm-util.h
 +++ b/gnome-session/gsm-util.h
@@ -50,6 +50,7 @@ char *      gsm_util_generate_startup_id            (void);
 void        gsm_util_setenv                         (const char *variable,
                                                      const char *value);
 const char * const * gsm_util_listenv               (void);
 +const char * const * gsm_util_get_variable_blacklist(void);
 gboolean    gsm_util_export_activation_environment  (GError     **error);
 #ifdef HAVE_SYSTEMD
 -- 
 2.23.0
--- a/gnome-session.spec
+++ b/gnome-session.spec
@ -9,7 +9,7 @@
 Name: gnome-session
 Version: 3.34.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: GNOME session manager
 License: GPLv2+
@ -26,6 +26,8 @@ Patch4: 0001-check-accelerated-gles-Use-eglGetPlatformDisplay-EXT.patch
 Patch5: 0001-Add-support-for-new-ConfirmedRebootToBootOptions-sig.patch
 Patch6: 0002-Fedora-Set-grub-boot-flags-on-shutdown-reboot.patch
 Patch10: 0001-autostart-app-Strip-blacklisted-variables-from-autos.patch
 BuildRequires: meson
 BuildRequires: gcc
 BuildRequires: pkgconfig(egl)
@ -129,6 +131,10 @@ Desktop file to add GNOME on wayland to display manager session menu.
 %{_userunitdir}/gnome-session*
 %changelog
 * Tue Oct 08 2019 Benjamin Berg <bberg@redhat.com> - 3.34.1-2
 - Add patch to strip blacklisted variables from autostart applications environment
  https://gitlab.gnome.org/GNOME/gnome-session/merge_requests/27
 * Mon Oct 07 2019 Kalev Lember <klember@redhat.com> - 3.34.1-1
 - Update to 3.34.1