[epiphany/wip/sandbox: 19/20] embed-shell: use a unix:dir address for the D-Bus server

[Michael Catanzaro <mcatanzaro src gnome org>]

commit 8d768e0c159da29d3677f5920bae347c8ed597f8
Author: Michael Catanzaro <mcatanzaro igalia com>
Date:   Wed Jun 12 16:30:19 2019 -0500

    embed-shell: use a unix:dir address for the D-Bus server
    
    This will allow sandboxed web processes to connect to the D-Bus server.
    
    Depends on glib!911

 embed/ephy-embed-shell.c | 8 ++++++--
 meson.build              | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)
---
diff --git a/embed/ephy-embed-shell.c b/embed/ephy-embed-shell.c
index 0b1b91c99..ad0b7a274 100644
--- a/embed/ephy-embed-shell.c
+++ b/embed/ephy-embed-shell.c
@@ -1032,7 +1032,11 @@ ephy_embed_shell_setup_web_process_extensions_server (EphyEmbedShell *shell)
   g_autofree char *address = NULL;
   g_autoptr(GError) error = NULL;
 
-  address = g_strdup_printf ("unix:tmpdir=%s", g_get_tmp_dir ());
+  /* Due to the bubblewrap sandbox, we cannot use any abstract sockets here.
+   * This means that unix:tmpdir= or unix:abstract= addresses will not work.
+   * Using unix:dir= guarantees that abstract sockets won't be used.
+   */
+  address = g_strdup_printf ("unix:dir=%s", ephy_file_tmp_dir ());
 
   observer = g_dbus_auth_observer_new ();
 
@@ -1052,7 +1056,7 @@ ephy_embed_shell_setup_web_process_extensions_server (EphyEmbedShell *shell)
                                               &error);
 
   if (error) {
-    g_warning ("Failed to start web process extension server on %s: %s", address, error->message);
+    g_warning ("Failed to start embed shell D-Bus server on %s: %s", address, error->message);
     return;
   }
 
diff --git a/meson.build b/meson.build
index 2a54c6c7a..27fa538d2 100644
--- a/meson.build
+++ b/meson.build
@@ -73,7 +73,7 @@ config_h = declare_dependency(
   )
 )
 
-glib_requirement = '>= 2.56.0'
+glib_requirement = '>= 2.61.2'
 gtk_requirement = '>= 3.24.0'
 nettle_requirement = '>= 3.4'
 webkitgtk_requirement = '>= 2.25.1'