Skip to content

interfaces: misc small interface updates #8873

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mvo5 merged 3 commits into from
Jun 16, 2020
Merged

interfaces: misc small interface updates #8873

mvo5 merged 3 commits into from
Jun 16, 2020

Conversation

@jdstrand
Copy link

@jdstrand jdstrand commented Jun 15, 2020

  • apparmor: allow read on @{PROC}/sys/fs/file-nr by default
  • seccomp: better document ioctl mediation
  • interfaces/desktop-legacy: allow org.gtk.GLib.PACRunner.Lookup()

@jdstrand jdstrand changed the title Misc small interface updates interfaces: misc small interface updates Jun 15, 2020
@jdstrand jdstrand requested a review from jhenstridge June 15, 2020 22:00
@jdstrand
Copy link
Author

jdstrand commented Jun 15, 2020

@jhenstridge - can you comment on 65323a9 and its location in desktop-legacy?

@mvo5 mvo5 merged commit 96abd5e into canonical:master Jun 16, 2020
jhenstridge
jhenstridge reviewed Jun 16, 2020
View reviewed changes
interfaces/builtin/desktop_legacy.go
path=/org/gtk/GLib/PACRunner
interface=org.gtk.GLib.PACRunner
member=Lookup
peer=(label=unconfined),
Copy link
Contributor

@jhenstridge jhenstridge Jun 16, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems fairly safe to add to desktop-legacy. We probably want to direct people towards org.freedesktop.portal.ProxyResolver instead though.

If a confined app is hitting this D-Bus API, then it is using the libgiognomeproxy GProxyResolver backend, and has gsettings access to know that proxy auto config has been enabled.

If instead portal support is enabled, the portal backend for GProxyResolver is used. This one doesn't need to have gsettings plugged, and delegates all proxy requests to xdg-desktop-portal, which in turn calls the standard GProxyResolver backend.

As far as security concerns over the org.gtk.GLib.PACRunner interface specifically, the client can ask the unconfined glib-pacrunner executable to execute an arbitrary file://, http://, or https:// URL as JavaScript and pass in an arbitrary URL as a function argument. With that said, the JS is run within mozjs's web sandbox so should be fairly safe.

Copy link
Author

@jdstrand jdstrand Jun 16, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kenvandine - fyi, this came up due to a snap-store bug: https://bugs.launchpad.net/snapd/+bug/1871364 and based on @jhenstridge comments, it seems like it needs to be updated.

@jdstrand jdstrand deleted the misc-small-interface-updates branch July 1, 2020 17:49
jdstrand pushed a commit to jdstrand/snapd that referenced this pull request Aug 19, 2020
interface/desktop-legacy: add clarifying comment on Lookup() API
ade457e 
References:
canonical#8873 (comment)
https://gitlab.gnome.org/GNOME/glib-networking/-/blob/master/proxy/libproxy/glibpacrunner.c
jdstrand pushed a commit to jdstrand/snapd that referenced this pull request Aug 19, 2020
interface/desktop-legacy: add clarifying comment on Lookup() API
0108fff 
References:
canonical#8873 (comment)
https://gitlab.gnome.org/GNOME/glib-networking/-/blob/master/proxy/libproxy/glibpacrunner.c
jdstrand pushed a commit to jdstrand/snapd that referenced this pull request Aug 20, 2020
interface/desktop-legacy: add clarifying comment on Lookup() API
0e241c9 
References:
canonical#8873 (comment)
https://gitlab.gnome.org/GNOME/glib-networking/-/blob/master/proxy/libproxy/glibpacrunner.c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jhenstridge jhenstridge jhenstridge left review comments

@zyga zyga zyga approved these changes

+1 more reviewer

@mvo5 mvo5 mvo5 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jdstrand @zyga @mvo5 @jhenstridge