[gnome-shell] main: Warn when unsafe mode is toggled

From: Marge Bot <marge-bot src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-shell] main: Warn when unsafe mode is toggled
Date: Fri, 26 Nov 2021 16:19:13 +0000 (UTC)

commit aba0d0bb1ba4cfd1e55c1f96fc806917b843305f
Author: Florian Müllner <fmuellner gnome org>
Date:   Tue Nov 23 20:19:14 2021 +0100

    main: Warn when unsafe mode is toggled
    
    MetaContext:unsafe-mode was added as a debugging tool to temporarily
    remove restrictions on privileged APIs. But as it turns out, there
    are now extensions that toggle the property permanently. Right now
    none of them are malicious (as far as I can see), but it's still a
    bad idea and should be discouraged.
    
    Do this with a notification that warns the user when unsafe mode is
    enabled non-interactively (i.e. via looking glass), and hopefully
    also clarifies what the weird lock icon in the top bar is about.
    
    https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/4798
    
    Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2050>

 js/ui/main.js | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
---
diff --git a/js/ui/main.js b/js/ui/main.js
index c7bac11f25..ab97c6cc37 100644
--- a/js/ui/main.js
+++ b/js/ui/main.js
@@ -247,6 +247,23 @@ function _initializeUI() {
 
     global.display.connect('gl-video-memory-purged', loadTheme);
 
+    global.context.connect('notify::unsafe-mode', () => {
+        if (!global.context.unsafe_mode)
+            return; // we're safe
+        if (lookingGlass?.isOpen)
+            return; // assume user action
+
+        const source = new MessageTray.SystemNotificationSource();
+        messageTray.add(source);
+        const notification = new MessageTray.Notification(source,
+            _('System was put in unsafe mode'),
+            _('Applications now have unrestricted access'));
+        notification.addAction(_('Undo'),
+            () => (global.context.unsafe_mode = false));
+        notification.setTransient(true);
+        source.showNotification(notification);
+    });
+
     // Provide the bus object for gnome-session to
     // initiate logouts.
     EndSessionDialog.init();

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]