From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Paul Eggert Newsgroups: gmane.emacs.bugs Subject: bug#43071: Enable WebKit sandboxing Date: Thu, 27 Aug 2020 06:14:37 -0700 Organization: UCLA Computer Science Department Message-ID: <05668e76-ce5b-0766-471f-0cafa91fd978@cs.ucla.edu> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------D94440C52FCC38EE0599852A" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="8646"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 Cc: Robert Pluim , Jimmy Aguilar Mena , Jaesup Kwak , Qiantan Hong , Sungbin Jo To: 43071@debbugs.gnu.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Thu Aug 27 15:15:09 2020 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kBHkD-00026b-Lt for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 27 Aug 2020 15:15:09 +0200 Original-Received: from localhost ([::1]:49892 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBHkC-0007XO-LY for geb-bug-gnu-emacs@m.gmane-mx.org; Thu, 27 Aug 2020 09:15:08 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:41724) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBHk6-0007XE-Sw for bug-gnu-emacs@gnu.org; Thu, 27 Aug 2020 09:15:02 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:58806) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBHk6-000301-IY for bug-gnu-emacs@gnu.org; Thu, 27 Aug 2020 09:15:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kBHk6-0008Es-Bi for bug-gnu-emacs@gnu.org; Thu, 27 Aug 2020 09:15:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Paul Eggert Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Thu, 27 Aug 2020 13:15:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 43071 X-GNU-PR-Package: emacs X-Debbugs-Original-To: Emacs bug reports and feature requests Original-Received: via spool by submit@debbugs.gnu.org id=B.159853408731620 (code B ref -1); Thu, 27 Aug 2020 13:15:02 +0000 Original-Received: (at submit) by debbugs.gnu.org; 27 Aug 2020 13:14:47 +0000 Original-Received: from localhost ([127.0.0.1]:42119 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kBHjr-0008Du-Bp for submit@debbugs.gnu.org; Thu, 27 Aug 2020 09:14:47 -0400 Original-Received: from lists.gnu.org ([209.51.188.17]:57788) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kBHjp-0008Dn-Iw for submit@debbugs.gnu.org; Thu, 27 Aug 2020 09:14:46 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:41698) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBHjp-0007WN-EL for bug-gnu-emacs@gnu.org; Thu, 27 Aug 2020 09:14:45 -0400 Original-Received: from zimbra.cs.ucla.edu ([131.179.128.68]:49364) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBHjn-0002x2-68 for bug-gnu-emacs@gnu.org; Thu, 27 Aug 2020 09:14:44 -0400 Original-Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 273BE160097; Thu, 27 Aug 2020 06:14:39 -0700 (PDT) Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id ncwWGBN3mFJB; Thu, 27 Aug 2020 06:14:38 -0700 (PDT) Original-Received: from localhost (localhost [127.0.0.1]) by zimbra.cs.ucla.edu (Postfix) with ESMTP id 2EB061600A5; Thu, 27 Aug 2020 06:14:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at zimbra.cs.ucla.edu Original-Received: from zimbra.cs.ucla.edu ([127.0.0.1]) by localhost (zimbra.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id blUpiIMAOj3F; Thu, 27 Aug 2020 06:14:38 -0700 (PDT) Original-Received: from [192.168.1.9] (cpe-75-82-69-226.socal.res.rr.com [75.82.69.226]) by zimbra.cs.ucla.edu (Postfix) with ESMTPSA id C4361160097; Thu, 27 Aug 2020 06:14:37 -0700 (PDT) Autocrypt: addr=eggert@cs.ucla.edu; prefer-encrypt=mutual; keydata= LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCgptUUlOQkV5QWNtUUJFQURB QXlIMnhvVHU3cHBHNUQzYThGTVpFb243NGRDdmM0K3ExWEEySjJ0QnkycHdhVHFmCmhweHhk R0E5Smo1MFVKM1BENGJTVUVnTjh0TFowc2FuNDdsNVhUQUZMaTI0NTZjaVNsNW04c0thSGxH ZHQ5WG0KQUF0bVhxZVpWSVlYL1VGUzk2ZkR6ZjR4aEVtbS95N0xiWUVQUWRVZHh1NDd4QTVL aFRZcDVibHRGM1dZRHoxWQpnZDdneDA3QXV3cDdpdzdlTnZub0RUQWxLQWw4S1lEWnpiRE5D UUdFYnBZM2VmWkl2UGRlSStGV1FONFcra2doCnkrUDZhdTZQcklJaFlyYWV1YTdYRGRiMkxT MWVuM1NzbUUzUWpxZlJxSS9BMnVlOEpNd3N2WGUvV0szOEV6czYKeDc0aVRhcUkzQUZINmls QWhEcXBNbmQvbXNTRVNORnQ3NkRpTzFaS1FNcjlhbVZQa25qZlBtSklTcWRoZ0IxRApsRWR3 MzRzUk9mNlY4bVp3MHhmcVQ2UEtFNDZMY0ZlZnpzMGtiZzRHT1JmOHZqRzJTZjF0azVlVThN Qml5Ti9iClowM2JLTmpOWU1wT0REUVF3dVA4NGtZTGtYMndCeHhNQWhCeHdiRFZadWR6eERa SjFDMlZYdWpDT0pWeHEya2wKakJNOUVUWXVVR3FkNzVBVzJMWHJMdzYrTXVJc0hGQVlBZ1Jy NytLY3dEZ0JBZndoU Content-Language: en-US Received-SPF: pass client-ip=131.179.128.68; envelope-from=eggert@cs.ucla.edu; helo=zimbra.cs.ucla.edu X-detected-operating-system: by eggs.gnu.org: First seen = 2020/08/27 09:14:39 X-ACL-Warn: Detected OS = Linux 3.1-3.10 X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:186530 Archived-At: This is a multi-part message in MIME format. --------------D94440C52FCC38EE0599852A Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Qiantan Hong suggested that Emacs should enable sandboxing in WebKit, for all the usual security reasons. (Thanks, Qiantan!) Attached is a proposed patch to implement that suggestion; it's a bit fancier than what Qiantan originally proposed in because it checks that WebKit 2.26 or later is in use, and it avoids a duplicate call to webkit_web_context_get_default. I'm cc'ing this to Qiantan and to other recent committers to xwidget.c, to get their opinions. --------------D94440C52FCC38EE0599852A Content-Type: text/x-patch; charset=UTF-8; name="0001-Use-WebKit-sandboxing.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="0001-Use-WebKit-sandboxing.patch" >From 1ca9d47923813e536753c18aa15194f15f39ab3d Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Thu, 27 Aug 2020 06:00:52 -0700 Subject: [PATCH] Use WebKit sandboxing * src/xwidget.c (Fmake_xwidget): Enable sandboxing if WebKit 2.26 or later. Do this early, as required for sandboxing. Co-authored-by: Qiantan Hong Copyright-paperwork-exempt: yes --- src/xwidget.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/xwidget.c b/src/xwidget.c index 154b3e9c82..851f96952c 100644 --- a/src/xwidget.c +++ b/src/xwidget.c @@ -114,6 +114,13 @@ DEFUN ("make-xwidget", if (EQ (xw->type, Qwebkit)) { block_input (); + WebKitWebContext *webkit_context = webkit_web_context_get_default (); + +# if WEBKIT_CHECK_VERSION (2, 26, 0) + if (!webkit_web_context_get_sandbox_enabled (webkit_context)) + webkit_web_context_set_sandbox_enabled (webkit_context, TRUE); +# endif + xw->widgetwindow_osr = gtk_offscreen_window_new (); gtk_window_resize (GTK_WINDOW (xw->widgetwindow_osr), xw->width, xw->height); @@ -152,7 +159,7 @@ DEFUN ("make-xwidget", "load-changed", G_CALLBACK (webkit_view_load_changed_cb), xw); - g_signal_connect (G_OBJECT (webkit_web_context_get_default ()), + g_signal_connect (G_OBJECT (webkit_context), "download-started", G_CALLBACK (webkit_download_cb), xw); -- 2.25.4 --------------D94440C52FCC38EE0599852A--