[glib: 5/10] gdesktopappinfo: Don't trust $GIO_LAUNCH_DESKTOP if setuid




commit 8157668eacd69312cfa954218a6362e897450bf1
Author: Simon McVittie <smcv collabora com>
Date:   Thu Jul 14 16:43:57 2022 +0100

    gdesktopappinfo: Don't trust $GIO_LAUNCH_DESKTOP if setuid
    
    gio-launch-desktop was removed before checking GIO for potentially
    unsafe environment variable references, so reverting its removal brought
    this one back. If a setuid program is using GAppInfo then something is
    probably already horribly wrong, but let's be careful anyway.
    
    Signed-off-by: Simon McVittie <smcv collabora com>

 gio/gdesktopappinfo.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/gio/gdesktopappinfo.c b/gio/gdesktopappinfo.c
index 20cf2af8cc..4813425aca 100644
--- a/gio/gdesktopappinfo.c
+++ b/gio/gdesktopappinfo.c
@@ -51,6 +51,7 @@
 #include "gfileicon.h"
 #include <glib/gstdio.h>
 #include "glibintl.h"
+#include "glib-private.h"
 #include "giomodule-priv.h"
 #include "gappinfo.h"
 #include "gappinfoprivate.h"
@@ -2918,10 +2919,12 @@ g_desktop_app_info_launch_uris_with_spawn (GDesktopAppInfo            *info,
 
       if (g_once_init_enter (&gio_launch_desktop_path))
         {
-          const gchar *tmp;
+          const gchar *tmp = NULL;
+          gboolean is_setuid = GLIB_PRIVATE_CALL (g_check_setuid) ();
 
           /* Allow test suite to specify path to gio-launch-desktop */
-          tmp = g_getenv ("GIO_LAUNCH_DESKTOP");
+          if (!is_setuid)
+            tmp = g_getenv ("GIO_LAUNCH_DESKTOP");
 
           /* Fall back on usual searching in $PATH */
           if (tmp == NULL)
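Review bot: When `is_setuid` is true, `tmp` stays NULL and control falls into the `/* Fall back on usual searching in $PATH */` branch, so the helper may still be located through an environment variable that the invoking user controls in a setuid process. The fallback body lies outside this hunk, so this is inferred from the comment alone. If it does resolve `gio-launch-desktop` through $PATH, the setuid case should use an absolute path fixed at build time, or fail the launch. The guard would also benefit from stating its reason, e.g. `/* Allow test suite to specify path to gio-launch-desktop, but not when setuid: the environment is caller-controlled */`. The enclosing `g_once_init_enter` block continues past the end of the hunk.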

