From ce6a6e593310d42f7aecddb88d98e759f22ab6db Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Tue, 12 Jan 2021 12:25:59 +0000 Subject: [PATCH] portal: Convert --env in extra-args into --env-fd This hides overridden variables from the command-line, which means processes running under other uids can't see them in /proc/*/cmdline, which might be important if they contain secrets. Signed-off-by: Simon McVittie Part-of: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2 --- portal/Makefile.am.inc | 4 ++- portal/flatpak-portal.c | 65 ++++++++++++++++++++++++++++++++++++++++- 2 files changed, 67 insertions(+), 2 deletions(-) diff --git a/portal/Makefile.am.inc b/portal/Makefile.am.inc index dc45969..e5e57ba 100644 --- a/portal/Makefile.am.inc +++ b/portal/Makefile.am.inc @@ -46,6 +46,8 @@ flatpak_portal_SOURCES = \ portal/portal-impl.h \ common/flatpak-portal-error.c \ common/flatpak-portal-error.h \ + common/flatpak-utils-memfd.c \ + common/flatpak-utils-memfd-private.h \ $(NULL) BUILT_SOURCES += $(nodist_flatpak_portal_SOURCES) diff --git a/portal/flatpak-portal.c b/portal/flatpak-portal.c index 7887c57..40a8ce7 100644 --- a/portal/flatpak-portal.c +++ b/portal/flatpak-portal.c @@ -46,6 +46,14 @@ #include "flatpak-instance-private.h" #include "flatpak-portal-app-info.h" #include "flatpak-portal-error.h" +#include "flatpak-utils-memfd-private.h" + +/* Syntactic sugar added in newer GLib, which makes the error paths more + * clearly correct */ +#ifndef G_DBUS_METHOD_INVOCATION_HANDLED +# define G_DBUS_METHOD_INVOCATION_HANDLED TRUE +# define G_DBUS_METHOD_INVOCATION_UNHANDLED FALSE +#endif #include "flatpak-utils-base-private.h" #include "portal-impl.h" #include "flatpak-permission-dbus.h"