slackware-current/source/l/polkit/0005-data-Set-GIO_USE_VFS-local-in-the-environment.patch

From daf3d5c2d15466a267221fcb099c59c870098e03 Mon Sep 17 00:00:00 2001
From: Philip Withnall <philip.withnall@collabora.co.uk>
Date: Thu, 19 May 2016 10:08:08 +0100
Subject: [PATCH 05/16] data: Set GIO_USE_VFS=local in the environment

There is no need for polkit to ever use GVFS to load files from
non-local sources, so it's best to avoid loading GVFS code, and to just
rely on the local implementation in GIO instead. This reduces the attack
surface of polkit.

Implemented for the daemon, pkaction, pkcheck, pkexec and pkttyagent,
because none of them need remote file access.

https://bugs.freedesktop.org/show_bug.cgi?id=95487
---
 src/polkitbackend/polkitd.c | 4 ++++
 src/programs/pkaction.c     | 4 ++++
 src/programs/pkcheck.c      | 4 ++++
 src/programs/pkexec.c       | 3 +++
 src/programs/pkttyagent.c   | 4 ++++
 5 files changed, 19 insertions(+)

diff --git a/src/polkitbackend/polkitd.c b/src/polkitbackend/polkitd.c
index d1527fb..8d54ed7 100644
--- a/src/polkitbackend/polkitd.c
+++ b/src/polkitbackend/polkitd.c
@@ -22,6 +22,7 @@
 #include "config.h"
 
 #include <signal.h>
+#include <stdlib.h>
 
 #include <glib-unix.h>
 
@@ -169,6 +170,9 @@ main (int    argc,
   sigint_id = 0;
   registration_id = NULL;
 
+  /* Disable remote file access from GIO. */
+  setenv ("GIO_USE_VFS", "local", 1);
+
   g_type_init ();
 
   opt_context = g_option_context_new ("polkit system daemon");
diff --git a/src/programs/pkaction.c b/src/programs/pkaction.c
index f17a7dc..221662a 100644
--- a/src/programs/pkaction.c
+++ b/src/programs/pkaction.c
@@ -24,6 +24,7 @@
 #endif
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <glib/gi18n.h>
 #include <polkit/polkit.h>
 
@@ -121,6 +122,9 @@ main (int argc, char *argv[])
   actions = NULL;
   ret = 1;
 
+  /* Disable remote file access from GIO. */
+  setenv ("GIO_USE_VFS", "local", 1);
+
   g_type_init ();
 
   opt_show_version = FALSE;
diff --git a/src/programs/pkcheck.c b/src/programs/pkcheck.c
index 5781893..33db128 100644
--- a/src/programs/pkcheck.c
+++ b/src/programs/pkcheck.c
@@ -24,6 +24,7 @@
 #endif
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <glib/gi18n.h>
 #include <polkit/polkit.h>
 #define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE
@@ -362,6 +363,9 @@ main (int argc, char *argv[])
   local_agent_handle = NULL;
   ret = 126;
 
+  /* Disable remote file access from GIO. */
+  setenv ("GIO_USE_VFS", "local", 1);
+
   g_type_init ();
 
   details = polkit_details_new ();
diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c
index 50de92c..3b29b24 100644
--- a/src/programs/pkexec.c
+++ b/src/programs/pkexec.c
@@ -503,6 +503,9 @@ main (int argc, char *argv[])
   opt_user = NULL;
   local_agent_handle = NULL;
 
+  /* Disable remote file access from GIO. */
+  setenv ("GIO_USE_VFS", "local", 1);
+
   /* check for correct invocation */
   if (geteuid () != 0)
     {
diff --git a/src/programs/pkttyagent.c b/src/programs/pkttyagent.c
index 423b728..8aac7dd 100644
--- a/src/programs/pkttyagent.c
+++ b/src/programs/pkttyagent.c
@@ -24,6 +24,7 @@
 #endif
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <glib/gi18n.h>
 #include <polkit/polkit.h>
 #define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE
@@ -74,6 +75,9 @@ main (int argc, char *argv[])
   guint ret = 126;
   GVariantBuilder builder;
 
+  /* Disable remote file access from GIO. */
+  setenv ("GIO_USE_VFS", "local", 1);
+
   g_type_init ();
 
   error = NULL;
-- 
2.13.0
Mon May 28 19:12:29 UTC 2018 a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. 2018-05-28 21:12:29 +02:00			`From daf3d5c2d15466a267221fcb099c59c870098e03 Mon Sep 17 00:00:00 2001`
			`From: Philip Withnall <philip.withnall@collabora.co.uk>`
			`Date: Thu, 19 May 2016 10:08:08 +0100`
			`Subject: [PATCH 05/16] data: Set GIO_USE_VFS=local in the environment`

			`There is no need for polkit to ever use GVFS to load files from`
			`non-local sources, so it's best to avoid loading GVFS code, and to just`
			`rely on the local implementation in GIO instead. This reduces the attack`
			`surface of polkit.`

			`Implemented for the daemon, pkaction, pkcheck, pkexec and pkttyagent,`
			`because none of them need remote file access.`

			`https://bugs.freedesktop.org/show_bug.cgi?id=95487`
			`---`
			`src/polkitbackend/polkitd.c \| 4 ++++`
			`src/programs/pkaction.c \| 4 ++++`
			`src/programs/pkcheck.c \| 4 ++++`
			`src/programs/pkexec.c \| 3 +++`
			`src/programs/pkttyagent.c \| 4 ++++`
			`5 files changed, 19 insertions(+)`

			`diff --git a/src/polkitbackend/polkitd.c b/src/polkitbackend/polkitd.c`
			`index d1527fb..8d54ed7 100644`
			`--- a/src/polkitbackend/polkitd.c`
			`+++ b/src/polkitbackend/polkitd.c`
			`@@ -22,6 +22,7 @@`
			`#include "config.h"`

			`#include <signal.h>`
			`+#include <stdlib.h>`

			`#include <glib-unix.h>`

			`@@ -169,6 +170,9 @@ main (int argc,`
			`sigint_id = 0;`
			`registration_id = NULL;`

			`+ /* Disable remote file access from GIO. */`
			`+ setenv ("GIO_USE_VFS", "local", 1);`
			`+`
			`g_type_init ();`

			`opt_context = g_option_context_new ("polkit system daemon");`
			`diff --git a/src/programs/pkaction.c b/src/programs/pkaction.c`
			`index f17a7dc..221662a 100644`
			`--- a/src/programs/pkaction.c`
			`+++ b/src/programs/pkaction.c`
			`@@ -24,6 +24,7 @@`
			`#endif`

			`#include <stdio.h>`
			`+#include <stdlib.h>`
			`#include <glib/gi18n.h>`
			`#include <polkit/polkit.h>`

			`@@ -121,6 +122,9 @@ main (int argc, char *argv[])`
			`actions = NULL;`
			`ret = 1;`

			`+ /* Disable remote file access from GIO. */`
			`+ setenv ("GIO_USE_VFS", "local", 1);`
			`+`
			`g_type_init ();`

			`opt_show_version = FALSE;`
			`diff --git a/src/programs/pkcheck.c b/src/programs/pkcheck.c`
			`index 5781893..33db128 100644`
			`--- a/src/programs/pkcheck.c`
			`+++ b/src/programs/pkcheck.c`
			`@@ -24,6 +24,7 @@`
			`#endif`

			`#include <stdio.h>`
			`+#include <stdlib.h>`
			`#include <glib/gi18n.h>`
			`#include <polkit/polkit.h>`
			`#define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE`
			`@@ -362,6 +363,9 @@ main (int argc, char *argv[])`
			`local_agent_handle = NULL;`
			`ret = 126;`

			`+ /* Disable remote file access from GIO. */`
			`+ setenv ("GIO_USE_VFS", "local", 1);`
			`+`
			`g_type_init ();`

			`details = polkit_details_new ();`
			`diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c`
			`index 50de92c..3b29b24 100644`
			`--- a/src/programs/pkexec.c`
			`+++ b/src/programs/pkexec.c`
			`@@ -503,6 +503,9 @@ main (int argc, char *argv[])`
			`opt_user = NULL;`
			`local_agent_handle = NULL;`

			`+ /* Disable remote file access from GIO. */`
			`+ setenv ("GIO_USE_VFS", "local", 1);`
			`+`
			`/* check for correct invocation */`
			`if (geteuid () != 0)`
			`{`
			`diff --git a/src/programs/pkttyagent.c b/src/programs/pkttyagent.c`
			`index 423b728..8aac7dd 100644`
			`--- a/src/programs/pkttyagent.c`
			`+++ b/src/programs/pkttyagent.c`
			`@@ -24,6 +24,7 @@`
			`#endif`

			`#include <stdio.h>`
			`+#include <stdlib.h>`
			`#include <glib/gi18n.h>`
			`#include <polkit/polkit.h>`
			`#define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE`
			`@@ -74,6 +75,9 @@ main (int argc, char *argv[])`
			`guint ret = 126;`
			`GVariantBuilder builder;`

			`+ /* Disable remote file access from GIO. */`
			`+ setenv ("GIO_USE_VFS", "local", 1);`
			`+`
			`g_type_init ();`

			`error = NULL;`
			`--`
			`2.13.0`