From 068d5bf3697ac0dd6ba8b73bd728d4cc21b67855 Mon Sep 17 00:00:00 2001 From: apt-ghetto Date: Fri, 16 Nov 2018 16:35:57 -0600 Subject: [PATCH] Strip environment in lxqt-sudo to leave only required environment variables to get into the elevated child process. Summary: Strip environment variables in lxqt-sudo Test Plan: 1. Test first with lxqt-sudo from repo: lxqt-sudo env 2> env.txt 2. Install this version 3. Run lxqt-sudo env 2> env2.txt 4. Compare env.txt with env2.txt: diff -y env.txt env2.txt 5. Both files should differ in most environment variables, such as HOME Reviewers: tsimonq2, wxl Reviewed By: tsimonq2 Differential Revision: https://phab.lubuntu.me/D44
---
 debian/changelog | 6 ++
 debian/debhelper-build-stamp | 1 +
 debian/patches/series | 1 +
 debian/patches/sudo-strip-environment.patch | 69 +++++++++++++++++++++
 4 files changed, 77 insertions(+)
 create mode 100644 debian/debhelper-build-stamp
 create mode 100644 debian/patches/sudo-strip-environment.patch
diff --git a/debian/changelog b/debian/changelog
index 8085dd1..71b421b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+lxqt-sudo (0.13.0-0ubuntu3) UNRELEASED; urgency=medium
+
+ * Leave only required variables to get into the elevated child process.
+
+ -- apt-ghetto Wed, 14 Nov 2018 17:55:39 +0100
+
 lxqt-sudo (0.13.0-0ubuntu2) cosmic; urgency=medium
 
 * Change Uploaders to Ubuntu uploaders.
diff --git a/debian/debhelper-build-stamp b/debian/debhelper-build-stamp
new file mode 100644
index 0000000..1bee9d4
--- /dev/null
+++ b/debian/debhelper-build-stamp
@@ -0,0 +1 @@
+lxqt-sudo
diff --git a/debian/patches/series b/debian/patches/series
index 4eb4849..1fbd884 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 fix-layout-line-break.patch
+sudo-strip-environment.patch
diff --git a/debian/patches/sudo-strip-environment.patch b/debian/patches/sudo-strip-environment.patch
new file mode 100644
index 0000000..2652c4b
--- /dev/null
+++ b/debian/patches/sudo-strip-environment.patch 
@@ -0,0 +1,69 @@
+Description: Sudo: Strip environment
+ Leave only required environment variables (for X & locale) to get into the elevated child process.
+Author: Palo Kisa
+Applied-Upstream: https://github.com/lxqt/lxqt-sudo/commit/07ec9ec14e5d8ff2fe5aba33d9f0a1cd07a4db60
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/sudo.cpp
++++ b/sudo.cpp
+@@ -36,12 +36,14 @@
+ #include
+ #include
+ #include
++#include
+ #include
+ #include
+ #include
+ #include
+ #include
+ #include
++#include
+
+ namespace
+ {
+@@ -80,11 +82,42 @@ namespace
+ << QObject::tr("%1 version %2\n").arg(app_master).arg(app_version);
+ }
+
++ //Note: array must be sorted to allow usage of binary search
++ static constexpr char const * const ALLOWED_VARS[] = {
++ "DISPLAY"
++ , "LANG", "LANGUAGE", "LC_ADDRESS", "LC_ALL", "LC_COLLATE", "LC_CTYPE", "LC_IDENTIFICATION", "LC_MEASUREMENT"
++ , "LC_MESSAGES", "LC_MONETARY", "LC_NAME", "LC_NUMERIC", "LC_PAPER", "LC_TELEPHONE", "LC_TIME"
++ , "PATH", "QT_PLATFORM_PLUGIN", "QT_QPA_PLATFORMTHEME", "WAYLAND_DISPLAY", "XAUTHORITY"
++ };
++ static constexpr char const * const * const ALLOWED_END = ALLOWED_VARS + sizeof (ALLOWED_VARS) / sizeof (ALLOWED_VARS[0]);
++ struct assert_helper
++ {
++ assert_helper()
++ {
++ Q_ASSERT(std::is_sorted(ALLOWED_VARS, ALLOWED_END
++ , [] (char const * const a, char const * const b) { return strcmp(a, b) < 0; }));
++ }
++ };
++ assert_helper h;
++
+ inline void env_workarounds()
+ {
+- //cleanup environment
+- //pcmanfm-qt will not start if the DBUS_SESSION_BUS_ADDRESS is preserved
+- unsetenv("DBUS_SESSION_BUS_ADDRESS");
++ std::cerr << LXQTSUDO << ": Stripping child environment except for: ";
++ std::copy(ALLOWED_VARS, ALLOWED_END - 1, std::ostream_iterator{std::cerr, ", "});
++ std::cerr << *(ALLOWED_END - 1) << '\n'; // printing the last separately to avoid trailing comma
++ // cleanup environment, because e.g.:
++ // - pcmanfm-qt will not start if the DBUS_SESSION_BUS_ADDRESS is preserved
++ // - Qt apps may change user's config files permissions if the XDG_* are preserved
++ for (auto const & key : QProcessEnvironment::systemEnvironment().keys())
++ {
++ auto const & i = std::lower_bound(ALLOWED_VARS, ALLOWED_END, key, [] (char const * const a, QString const & b) {
++ return b > a;
++ });
++ if (i == ALLOWED_END || key != *i)
++ {
++ unsetenv(key.toStdString().c_str());
++ }
++ }
+ }
+ }
+
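Review bot: The stripping loop in env_workarounds() fails open: each name is decoded into a QString and re-encoded by `key.toStdString()` before `unsetenv()`, whose result is ignored, so a name that does not round-trip through that conversion (or that unsetenv rejects) may stay in the elevated child's environment. Rebuilding the environment from ALLOWED_VARS (save the allowed values, clear everything, set them back) makes the allowlist hold by construction and no longer depends on the array being sorted, which the `Q_ASSERT` does not check in release builds. `clearenv()` is a glibc extension, so the sketch below would need a fallback on other libcs. Separately, `PATH` stays in the allowlist and so still comes from the unprivileged caller; a comment justifying it, or a fixed value, would make that choice explicit. env_workarounds() is complete in this hunk, while the anonymous namespace around it opens outside it.

```cpp
inline void env_workarounds()
{
    // … unchanged: std::cerr listing of ALLOWED_VARS …

    // Rebuild the environment from the allowlist instead of unsetting every other
    // name, so a name that cannot be matched or removed never reaches the child.
    std::vector<std::pair<char const *, std::string>> kept;
    for (auto name = ALLOWED_VARS; name != ALLOWED_END; ++name)
    {
        if (char const * const value = getenv(*name))
            kept.emplace_back(*name, value);
    }
    if (clearenv() != 0)
    {
        // fail closed; use whatever error path the rest of sudo.cpp uses
        std::cerr << LXQTSUDO << ": Failed to clear the environment\n";
        exit(EXIT_FAILURE);
    }
    for (auto const & var : kept)
        setenv(var.first, var.second.c_str(), 1);
}
```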