[gnome-session/benzea/systemd-issue-36] autostart-app: Strip blacklisted variables from autostart environment
- From: Benjamin Berg <bberg src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-session/benzea/systemd-issue-36] autostart-app: Strip blacklisted variables from autostart environment
- Date: Tue, 8 Oct 2019 08:57:30 +0000 (UTC)
commit 72a6278b68e54e77848e51291fbc5d1efb7088a7
Author: Benjamin Berg <bberg redhat com>
Date: Mon Oct 7 22:47:24 2019 +0200
autostart-app: Strip blacklisted variables from autostart environment
So far the blacklisted variables were not actively striped from the
environment of XDG autostart applications. Update the code to explicitly
unset the variables, preventing e.g. NOTIFY_SOCKET to be leaked to
children.
Fixes: #36
gnome-session/gsm-autostart-app.c | 3 +++
gnome-session/gsm-util.c | 8 ++++----
gnome-session/gsm-util.h | 2 ++
3 files changed, 9 insertions(+), 4 deletions(-)
---
diff --git a/gnome-session/gsm-autostart-app.c b/gnome-session/gsm-autostart-app.c
index 01ba5f9a..dd92bab3 100644
--- a/gnome-session/gsm-autostart-app.c
+++ b/gnome-session/gsm-autostart-app.c
@@ -1013,6 +1013,9 @@ autostart_app_start_spawn (GsmAutostartApp *app,
local_error = NULL;
ctx = g_app_launch_context_new ();
+ for (i = 0; gsm_variable_blacklist[i] != NULL; i++)
+ g_app_launch_context_unsetenv (ctx, gsm_variable_blacklist[i]);
+
child_environment = gsm_util_listenv ();
for (i = 0; child_environment[i] != NULL; i++) {
char **environment_tuple;
diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
index ada12253..29bf51e0 100644
--- a/gnome-session/gsm-util.c
+++ b/gnome-session/gsm-util.c
@@ -41,7 +41,7 @@ static gchar **child_environment;
* (e.g. XDG_VTNR), others because they simply must never be passed on
* (NOTIFY_SOCKET).
*/
-static const char * const variable_blacklist[] = {
+const char * const gsm_variable_blacklist[] = {
"NOTIFY_SOCKET",
"XDG_SEAT",
"XDG_SESSION_ID",
@@ -564,7 +564,7 @@ gsm_util_export_activation_environment (GError **error)
const char *entry_name = entry_names[i];
const char *entry_value = g_getenv (entry_name);
- if (g_strv_contains (variable_blacklist, entry_name))
+ if (g_strv_contains (gsm_variable_blacklist, entry_name))
continue;
if (!g_utf8_validate (entry_name, -1, NULL))
@@ -640,8 +640,8 @@ gsm_util_export_user_environment (GError **error)
entries = g_get_environ ();
- for (i = 0; variable_blacklist[i] != NULL; i++)
- entries = g_environ_unsetenv (entries, variable_blacklist[i]);
+ for (i = 0; gsm_variable_blacklist[i] != NULL; i++)
+ entries = g_environ_unsetenv (entries, gsm_variable_blacklist[i]);
g_variant_builder_init (&builder, G_VARIANT_TYPE ("(asas)"));
diff --git a/gnome-session/gsm-util.h b/gnome-session/gsm-util.h
index 8bca5f4d..aad9e451 100644
--- a/gnome-session/gsm-util.h
+++ b/gnome-session/gsm-util.h
@@ -61,6 +61,8 @@ gboolean gsm_util_start_systemd_unit (const char *unit,
void gsm_quit (void);
+extern const char * const gsm_variable_blacklist[];
+
G_END_DECLS
#endif /* __GSM_UTIL_H__ */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
