diff options
Diffstat (limited to 'debian/patches/util-Remove-undesired-variables-from-activation-environme.patch')
| -rw-r--r-- | debian/patches/util-Remove-undesired-variables-from-activation-environme.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/debian/patches/util-Remove-undesired-variables-from-activation-environme.patch b/debian/patches/util-Remove-undesired-variables-from-activation-environme.patch new file mode 100644 index 0000000..65255fd --- /dev/null +++ b/debian/patches/util-Remove-undesired-variables-from-activation-environme.patch @@ -0,0 +1,35 @@ +From: Simon McVittie <smcv@debian.org> +Date: Mon, 29 Mar 2021 12:49:35 +0100 +Subject: util: Remove undesired variables from activation environment + +Commit 646b9bc0 (included in 3.33.92) prevented one run of gnome-session +from uploading environment variables into `systemd --user` that should not +leak into a different login session, such as XDG_SESSION_ID. However, +non-GNOME session managers (and in particular the forks of gnome-session +found in Cinnamon and MATE) might still upload those environment variables. + +The other session managers should be fixed, similar to 646b9bc0, but we +can mitigate this for GNOME sessions by actively unsetting the undesired +variables, instead of just not setting them. + +Signed-off-by: Simon McVittie <smcv@collabora.com> +Bug: https://gitlab.gnome.org/GNOME/gnome-session/-/issues/86 +Bug-Debian: https://bugs.debian.org/973474 +Forwarded: https://gitlab.gnome.org/GNOME/gnome-session/-/merge_requests/63 +--- + gnome-session/gsm-util.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c +index cdf6761..7dc4f26 100644 +--- a/gnome-session/gsm-util.c ++++ b/gnome-session/gsm-util.c +@@ -646,6 +646,8 @@ gsm_util_export_user_environment (GError **error) + g_variant_builder_open (&builder, G_VARIANT_TYPE ("as")); + for (i = 0; variable_unsetlist[i] != NULL; i++) + g_variant_builder_add (&builder, "s", variable_unsetlist[i]); ++ for (i = 0; variable_blacklist[i] != NULL; i++) ++ g_variant_builder_add (&builder, "s", variable_blacklist[i]); + g_variant_builder_close (&builder); + + g_variant_builder_open (&builder, G_VARIANT_TYPE ("as")); |