[gnome-session/benzea/systemd-issue-36] autostart-app: Strip blacklisted variables from autostart environment

From: Benjamin Berg <bberg src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-session/benzea/systemd-issue-36] autostart-app: Strip blacklisted variables from autostart environment
Date: Tue, 8 Oct 2019 08:56:45 +0000 (UTC)

commit d20ff917ca4b771f87f61818f3235b2a2fdf5f1f
Author: Benjamin Berg <bberg redhat com>
Date:   Mon Oct 7 22:47:24 2019 +0200

    autostart-app: Strip blacklisted variables from autostart environment
    
    So far the blacklisted variables were not actively striped from the
    environment of XDG autostart applications. Update the code to explicitly
    unset the variables, preventing e.g. NOTIFY_SOCKET to be leaked to
    children.
    
    Fixes: #36

 gnome-session/gsm-autostart-app.c | 4 ++++
 gnome-session/gsm-util.c          | 8 ++++----
 gnome-session/gsm-util.h          | 2 ++
 3 files changed, 10 insertions(+), 4 deletions(-)
---
diff --git a/gnome-session/gsm-autostart-app.c b/gnome-session/gsm-autostart-app.c
index 01ba5f9a..c6b2d747 100644
--- a/gnome-session/gsm-autostart-app.c
+++ b/gnome-session/gsm-autostart-app.c
@@ -1013,6 +1013,10 @@ autostart_app_start_spawn (GsmAutostartApp *app,
         local_error = NULL;
         ctx = g_app_launch_context_new ();
 
+        /* Unset environment variables that are on the blacklist. */
+        for (i = 0; gsm_variable_blacklist[i] != NULL; i++)
+                g_app_launch_context_unsetenv (ctx, gsm_variable_blacklist[i]);
+
         child_environment = gsm_util_listenv ();
         for (i = 0; child_environment[i] != NULL; i++) {
                 char **environment_tuple;
diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
index ada12253..29bf51e0 100644
--- a/gnome-session/gsm-util.c
+++ b/gnome-session/gsm-util.c
@@ -41,7 +41,7 @@ static gchar **child_environment;
  * (e.g. XDG_VTNR), others because they simply must never be passed on
  * (NOTIFY_SOCKET).
  */
-static const char * const variable_blacklist[] = {
+const char * const gsm_variable_blacklist[] = {
     "NOTIFY_SOCKET",
     "XDG_SEAT",
     "XDG_SESSION_ID",
@@ -564,7 +564,7 @@ gsm_util_export_activation_environment (GError     **error)
                 const char *entry_name = entry_names[i];
                 const char *entry_value = g_getenv (entry_name);
 
-                if (g_strv_contains (variable_blacklist, entry_name))
+                if (g_strv_contains (gsm_variable_blacklist, entry_name))
                     continue;
 
                 if (!g_utf8_validate (entry_name, -1, NULL))
@@ -640,8 +640,8 @@ gsm_util_export_user_environment (GError     **error)
 
         entries = g_get_environ ();
 
-        for (i = 0; variable_blacklist[i] != NULL; i++)
-                entries = g_environ_unsetenv (entries, variable_blacklist[i]);
+        for (i = 0; gsm_variable_blacklist[i] != NULL; i++)
+                entries = g_environ_unsetenv (entries, gsm_variable_blacklist[i]);
 
         g_variant_builder_init (&builder, G_VARIANT_TYPE ("(asas)"));
 
diff --git a/gnome-session/gsm-util.h b/gnome-session/gsm-util.h
index 8bca5f4d..aad9e451 100644
--- a/gnome-session/gsm-util.h
+++ b/gnome-session/gsm-util.h
@@ -61,6 +61,8 @@ gboolean    gsm_util_start_systemd_unit             (const char  *unit,
 
 void        gsm_quit                                (void);
 
+extern const char * const gsm_variable_blacklist[];
+
 G_END_DECLS
 
 #endif /* __GSM_UTIL_H__ */

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]