[Webkit-unassigned] [Bug 219325] New: [WPE][GTK] flatpak-spawn subsandbox clears environment variables? breaks EphyPermissionsManager

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Nov 28 09:12:32 PST 2020 

https://bugs.webkit.org/show_bug.cgi?id=219325

            Bug ID: 219325
           Summary: [WPE][GTK] flatpak-spawn subsandbox clears environment
                    variables? breaks EphyPermissionsManager
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at gnome.org
                CC: bugs-noreply at webkitgtk.org

When logging into a certain website in Ephy Tech Preview, I notice that I am prompted to choose whether to save my password every time, despite selecting "Never Save" the password each time. I should not be prompted again when I select "Never Save." But this works perfectly fine outside flatpak. I wound up debugging EphyPermissionsManager and determined that its GKeyfileSettingsBackend is returning bogus results when the EphyPermissionsManager is created in the web process (but it works fine in the UI process). Turns out the GKeyfileSettingsBackend is created for the wrong filename: ~/.local/share/epiphany/permissions.ini (wrong) instead of ~/.var/app/org.gnome.Epiphany.Devel/data/epiphany/permissions.ini. Turns out ephy_default_profile_dir() is wrong. But that is set from g_get_user_data_dir(), which is set from $XDG_DATA_HOME. flatpak sets that to /home/mcatanzaro/.var/app/org.gnome.Epiphany.Devel/data, and that's what it is set to in the UI process. But in the web process, it is unset, so g_get_user_data_dir() falls back to ~/.local/share/epiphany, which is not persistent, and we have a disaster.

So somehow the environment variable is being filtered before it reaches the web process, presumably by flatpak-spawn. I'm very confused, because FlatpakLauncher.cpp does not pass --clear-env to flatpak-spawn, implying that environment variables should not be cleared. We should either fix it somehow, or disable the flatpak-spawn subsandbox.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201128/ed6fd952/attachment.htm>

More information about the webkit-unassigned mailing list