[Webkit-unassigned] [Bug 194370] New: [WPE][GTK] Unsafe setenv use in WebProcessPool::platformInitialize
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Feb 6 18:54:06 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=194370
Bug ID: 194370
Summary: [WPE][GTK] Unsafe setenv use in
WebProcessPool::platformInitialize
Product: WebKit
Version: WebKit Nightly Build
Hardware: PC
OS: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: WebKitGTK+
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at igalia.com
CC: bugs-noreply at webkitgtk.org
WebProcessPool::platformInitialize unsafely calls g_unsetenv to unset WEBKIT_INSPECTOR_SERVER. WebKit must never modify environment variables in the UI process, because it could cause applications to crash. (The only safe place to modify environment variables is the very top of main() in secondary processes. It can't be done at all in the UI process.) So we need to find some way to avoid the need to call unsetenv here.
Also, note this function is duplicated between WebProcessPoolGtk.cpp and WebProcessPoolWPE.cpp, so both places need to be fixed, or the implementations shared.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190207/12106422/attachment.html>
More information about the webkit-unassigned
mailing list