Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
run: Don't let XDG_RUNTIME_DIR from user override the value we set
We use `bwrap --setenv XDG_RUNTIME_DIR` to set it to `/run/user/UID`, regardless of what it is on the host system, but the changes made to resolve CVE-2021-21261 unintentionally broke this by overwriting it with the user's XDG_RUNTIME_DIR. In practice this worked for most people, who either have XDG_RUNTIME_DIR set to the same value we use (which is the conventional setup from systemd-logind and elogind), or entirely unset (if they do not have systemd-logind or elogind). However, it broke Wayland and other XDG_RUNTIME_DIR-based protocols for people who intentionally set up an XDG_RUNTIME_DIR that is different. Resolves: flatpak#4372 Signed-off-by: Simon McVittie <smcv@collabora.com>
- Loading branch information