Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

permission-reset doesn't remove document permissions #3759

Open
BryanQuigley opened this issue Jul 23, 2020 · 4 comments
Open

permission-reset doesn't remove document permissions #3759

BryanQuigley opened this issue Jul 23, 2020 · 4 comments

Comments

@BryanQuigley
Copy link

Ubuntu 18.04 / Stock

1.6.3

flatpak permission-reset app appears to reset permissions, but appears to do nothing.

Steps to reproduce

  1. Using Firefox flatpak Open /etc/passwd with Ctrl-O.
  2. Note name file:///run/user/1000/doc/4fab1618/passwd
  3. Close Firefox
  4. Run flatpak permission-show org.mozilla.firefox (note how it exists)
  5. Run flatpak permission-reset org.mozilla.firefox
  6. Run flatpak permission-show org.mozilla.firefox (note how that permission is gone)
  7. Try opening file:///run/user/1000/doc/4fab1618/passwd again. Note how it still works. (IMU this should not work anymore...). Try Ctrl-F5 to try a force refresh.
@TingPing TingPing changed the title permission-reset doesn't truly remove permissions permission-reset doesn't truly remove document permissions Jul 24, 2020
@TingPing TingPing changed the title permission-reset doesn't truly remove document permissions permission-reset doesn't remove document permissions Jul 24, 2020
@mwleeds
Copy link
Collaborator

mwleeds commented Sep 22, 2020

Tried to reproduce this with permission-remove instead of permission-reset but I seem to have hit another bug:

$ flatpak permission-remove documents aa93c5ae org.mozilla.firefox
error: Message recipient disconnected from message bus without replying
$ 

From the journal:

Sep 21 21:05:11 pop-os xdg-permission-[8950]: g_variant_builder_end: assertion '!GVSB(builder)->uniform_item_types || GVSB(builder)->prev_item_type != NULL || g_variant_type_is_definite (GVSB(builder)->type)' failed
Sep 21 21:05:11 pop-os xdg-permission-[8950]: g_variant_get_type: assertion 'value != NULL' failed
Sep 21 21:05:11 pop-os xdg-permission-[8950]: g_variant_type_is_subtype_of: assertion 'g_variant_type_check (type)' failed
Sep 21 21:05:11 pop-os kernel: show_signal: 17 callbacks suppressed
Sep 21 21:05:11 pop-os kernel: traps: xdg-permission-[8950] trap int3 ip:7f51336e30d5 sp:7ffc158c8d90 error:0 in libglib-2.0.so.0.6400.3[7f51336a7000+84000]
Sep 21 21:05:11 pop-os xdg-permission-[8950]: g_variant_get_type_string: assertion 'value != NULL' failed
Sep 21 21:05:11 pop-os xdg-permission-[8950]: g_variant_new: expected GVariant of type 'a{sas}' but received value has type '(null)'
Sep 21 21:05:11 pop-os systemd[5025]: xdg-permission-store.service: Main process exited, code=dumped, status=5/TRAP
Sep 21 21:05:11 pop-os systemd[5025]: xdg-permission-store.service: Failed with result 'core-dump'.

@edwincc-vital
Copy link

Same problem, same error on Ubuntu 20.04

command :
flatpak permission-remove documents daae60e1 org.mozilla.firefox

dmesg log :
traps: xdg-permission-[1461248] trap int3 ip:7f4ed8b100d5 sp:7fff1589ac60 error:0 in libglib-2.0.so.0.6400.3[7f4ed8ad4000+84000]

@Perkolator
Copy link

Same problem here, Mint 20.3 Cinnamon.

$ flatpak permission-remove background background org.gnome.Boxes

error: Message recipient disconnected from message bus without replying

But running just flatpak permission-remove background background works (no output though, no error, no ok, nothing), I can see the permission removed.

But removing permissions without the APP_ID can't be used IF there's similar permissions (TABLE and ID (or Object as the flatpak permissions confusingly lists the ID in the column header)) for different apps and the user wants to remove the permission for just one app.

@chrisawi
Copy link
Collaborator

I can't reproduce any of those crashes with flatpak 1.15.91 on F41, but a comment in flatpak-builtins-permission-reset.c points to what I think is the root cause: flatpak/xdg-desktop-portal#197

As a (poor) workaround, you can use the flatpak documents and flatpak document-unexport commands to interact directly with the document portal.

All of the relevant pieces are in xdg-desktop-portal; I don't think there's anything to fix in Flatpak itself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants