[webkit-changes] [WebKit/WebKit] 79f413: [GLib] D-Bus proxy quietly fails if host session b...
Michael Catanzaro
noreply at github.com
Thu Oct 6 08:03:34 PDT 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 79f41316d99e6496904950be78a0015503385ec2
https://github.com/WebKit/WebKit/commit/79f41316d99e6496904950be78a0015503385ec2
Author: Michael Catanzaro <mcatanzaro at redhat.com>
Date: 2022-10-06 (Thu, 06 Oct 2022)
Changed paths:
M Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
M Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.cpp
M Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.h
Log Message:
-----------
[GLib] D-Bus proxy quietly fails if host session bus address is an abstract socket
https://bugs.webkit.org/show_bug.cgi?id=245843
Reviewed by Carlos Garcia Campos.
Nowadays all major Linux distros run the D-Bus session bus using a
standard Unix socket created on the filesystem, but distros that do not
use systemd still wind up using dbus-daemon's default session bus
address, which up until now has used the abstract socket namespace.
Our code here is only compatible with filesystem sockets since it
attempts to create the proxy bus socket in the sandbox at exactly the
same location within the sandbox that the real session bus socket exists
on the host system. If the host session bus uses an abstract socket, our
code just fails. There's no particular reason to do things this way, so
let's not. Instead, we'll always create the proxy bus socket in a
well-known location within the sandbox, /run/webkitgtk/bus or
/run/wpe/bus. This matches flatpak's behavior and should allow things to
work regardless.
The accessibility bus requires the same changes.
Note there are major security problems if the host session bus uses an
abstract socket. See https://gitlab.freedesktop.org/dbus/dbus/-/issues/416
for full details. While this configuration is not recommended, it's
usually safe for WebKit because our sandbox does not allow network access
(unless using a non-local X server, which is inherently insecure anyway).
* Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
(WebKit::bindDBusSession):
(WebKit::bindA11y):
* Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.cpp:
(WebKit::XDGDBusProxy::dbusSessionPath):
(WebKit::XDGDBusProxy::accessibilityPath):
(WebKit::XDGDBusProxy::dbusSessionProxy):
(WebKit::XDGDBusProxy::accessibilityProxy):
(WebKit::XDGDBusProxy::makePath): Deleted.
* Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.h:
Canonical link: https://commits.webkit.org/255218@main
More information about the webkit-changes
mailing list