unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed
* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
@ 2021-04-03  4:44 Mark H Weaver
  2021-04-03  4:51 ` Mark H Weaver
                   ` (2 more replies)
  0 siblings, 3 replies; 10+ messages in thread
From: Mark H Weaver @ 2021-04-03  4:44 UTC (permalink / raw)
  To: 47576

Several processes on my Guix system load shared libraries from the
*ungrafted* glib: specifically, all of the subprocesses of
'ibus-daemon'.

The 'ibus-daemon' process itself seems to be properly grafted.  However,
its subprocesses are from an old, ungrafted build of 'ibus':

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ pstree -up 796
.ibus-daemon-re(796,mhw)─┬─.ibus-dconf-rea(803)─┬─{.ibus-dconf-rea}(806)
                         │                      └─{.ibus-dconf-rea}(807)
                         ├─.ibus-engine-si(892)─┬─{.ibus-engine-si}(917)
                         │                      └─{.ibus-engine-si}(918)
                         ├─.ibus-extension(804)─┬─{.ibus-extension}(810)
                         │                      ├─{.ibus-extension}(811)
                         │                      └─{.ibus-extension}(819)
                         ├─{.ibus-daemon-re}(797)
                         └─{.ibus-daemon-re}(798)
mhw@jojen ~$ ps -fq 796,803,892,804
UID        PID  PPID  C STIME TTY          TIME CMD
mhw        796   698  0 00:10 tty8     00:00:00 /gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22/bin/ibus-daemon --panel disable -r --xim
mhw        803   796  0 00:10 tty8     00:00:00 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
mhw        892   796  0 00:10 tty8     00:00:00 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-engine-simple
mhw        804   796  2 00:10 tty8     00:00:01 /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-extension-gtk3
--8<---------------cut here---------------end--------------->8---

(The same issue occurs for the 'ibus-daemon' that's owned by 'gdm').

/gnu/store/radg…-ibus-1.5.22 seems to be the properly grafted 'ibus',
replacing the ungrafted /gnu/store/wnqv…-ibus-1.5.22 which I last built
on February 2nd: (I don't use substitutes)

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ bzcat $(guix build --log-file /gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22)
grafting '/gnu/store/wnqv8rj3ngjivl6334d1h8irszf39dm9-ibus-1.5.22' -> '/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22'...
mhw@jojen ~$ ls -l $(guix build --log-file /gnu/store/wnqv8rj3ngjivl6334d1h8irszf39dm9-ibus-1.5.22)
-rw-r--r-- 1 root root 24923 Feb  2 10:35 /var/log/guix/drvs/hx/qpdblmghj7pvg0ni2l38p0a1s4igbd-ibus-1.5.22.drv.bz2
--8<---------------cut here---------------end--------------->8---

The reference scanner does not see any references to any other 'ibus',
from either my system, my user profile, or the grafted 'ibus':

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ guix gc -R $(readlink -f /run/current-system) | grep -e -ibus-
/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22
mhw@jojen ~$ guix gc -R $(readlink -f ~/.guix-profile) | grep -e -ibus-
mhw@jojen ~$ guix gc -R /gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22 | grep -e -ibus-
/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22
--8<---------------cut here---------------end--------------->8---

Interestingly, the subprocesses are *not* from the ungrafted 'ibus' that
I last built on February 2nd.  Instead, they are from a much older
ungrafted 'ibus', which I last built on December 20th of last year:

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ ls -l $(guix build --log-file /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22)
-rw-r--r-- 1 root root 24981 Dec 20 20:33 /var/log/guix/drvs/sn/k6581cpk6n8q3dvsarqmqimhx0n2i2-ibus-1.5.22.drv.bz2
--8<---------------cut here---------------end--------------->8---

I'm at a bit of a loss of where this much older, ungrafted 'ibus' is
coming from.  Running "guix build ibus", with and without grafts, give
the other two 'ibus' store items:

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ guix build ibus --no-grafts
/gnu/store/wnqv8rj3ngjivl6334d1h8irszf39dm9-ibus-1.5.22
mhw@jojen ~$ guix build ibus
/gnu/store/radg6xacqvw60d76k97y0ydccjm7iq7a-ibus-1.5.22
--8<---------------cut here---------------end--------------->8---

Is there another variant of the 'ibus' package hiding somewhere?
Where is "/gnu/store/a4r6…-ibus-1.5.22" coming from?

I don't know that I'll have the energy to investigate this further
anytime soon, so I'm hoping that someone else will pick this up.

* * *

FYI, I discovered this while doing sanity checks on my new preliminary
grafting implementation (which supports rewriting UTF-16/32 store
references).  Looking for references to the old 'glib' was the *first*
thing I checked.  I haven't yet checked anything else, so I don't know
how widespread this problem is.

       Mark




^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  4:44 bug#47576: [security] ibus-daemon launches ungrafted subprocesses Mark H Weaver
@ 2021-04-03  4:51 ` Mark H Weaver
  2021-04-03  7:12 ` Mark H Weaver
  2021-04-20 14:51 ` Ricardo Wurmus
  2 siblings, 0 replies; 10+ messages in thread
From: Mark H Weaver @ 2021-04-03  4:51 UTC (permalink / raw)
  To: 47576

Here's an obvious check that I should have included in my last message:

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ guix gc --referrers /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22
/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22
mhw@jojen ~$ 
--8<---------------cut here---------------end--------------->8---

This is the 'ibus' that I last built in December 2020, and which is
somehow, mysteriously, being used for the subprocesses of 'ibus-daemon'.

       Mark




^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  4:44 bug#47576: [security] ibus-daemon launches ungrafted subprocesses Mark H Weaver
  2021-04-03  4:51 ` Mark H Weaver
@ 2021-04-03  7:12 ` Mark H Weaver
  2021-04-03  7:31   ` Mark H Weaver
  2021-04-03 13:16   ` Maxime Devos
  2021-04-20 14:51 ` Ricardo Wurmus
  2 siblings, 2 replies; 10+ messages in thread
From: Mark H Weaver @ 2021-04-03  7:12 UTC (permalink / raw)
  To: 47576

Earlier, I wrote:
> Looking for references to the old 'glib' was the *first* thing I
> checked.  I haven't yet checked anything else, so I don't know how
> widespread this problem is.

I looked for other ungrafted libraries loaded on my system, and I'm glad
to report that I see no evidence of any grafting problem other than this
'ibus-daemon' issue.

The following ungrafted libraries are loaded by processes from the
mysterious old version of 'ibus' on my system: glib, cairo, and libx11.
I still have no clue where the reference to that mysterious old version
(/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22) is coming
from.

Are other people seeing this?  Here's an easy way to check:

--8<---------------cut here---------------start------------->8---
mhw@jojen ~$ ps axf | grep -e -ibus-
  402 tty7     Sl     0:00  |           |   \_ /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/bin/ibus-daemon --panel disable -r --xim
  407 tty7     Sl     0:00  |           |       \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
  450 tty7     Sl     0:00  |           |       \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-engine-simple
  798 tty8     Sl     0:00              |   \_ /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/bin/ibus-daemon --panel disable -r --xim
  804 tty8     Sl     0:00              |   |   \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-dconf
  805 tty8     Sl     0:01              |   |   \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-extension-gtk3
  894 tty8     Sl     0:00              |   |   \_ /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22/libexec/ibus-engine-simple
 2246 pts/0    S+     0:00              |   |   |   \_ grep -e -ibus-
  409 tty7     Sl     0:00 /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/libexec/ibus-x11 --kill-daemon
  808 tty8     Sl     0:00 /gnu/store/vdc4j6c9psx8jicr5h2n8jdxsfjms3h2-ibus-1.5.22/libexec/ibus-x11 --kill-daemon
--8<---------------cut here---------------end--------------->8---

If you run this command, do you also see different 'ibus' store items
used by the daemon and its subprocesses?

      Mark




^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  7:12 ` Mark H Weaver
@ 2021-04-03  7:31   ` Mark H Weaver
  2021-04-03 11:29     ` Julien Lepiller
  2021-04-09  9:06     ` Ludovic Courtès
  2021-04-03 13:16   ` Maxime Devos
  1 sibling, 2 replies; 10+ messages in thread
From: Mark H Weaver @ 2021-04-03  7:31 UTC (permalink / raw)
  To: 47576

I wrote:
> I still have no clue where the reference to that mysterious old version
> (/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22) is coming
> from.

I found them:

  ~/.cache/ibus/bus/registry
  /var/lib/gdm/.cache/ibus/bus/registry

On my system, those files include absolute pathnames to programs in
/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22, which I
compiled last December.

That old store item has been kept safe from GC for only one reason:
because 'ibus-daemon', along with its subprocesses, tend to be running
whenever I run "guix gc", and "guix gc" protects store items that are
currently in use by active processes.

      Mark




^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  7:31   ` Mark H Weaver
@ 2021-04-03 11:29     ` Julien Lepiller
  2021-04-03 21:10       ` Mark H Weaver
  2021-04-09  9:06     ` Ludovic Courtès
  1 sibling, 1 reply; 10+ messages in thread
From: Julien Lepiller @ 2021-04-03 11:29 UTC (permalink / raw)
  To: Mark H Weaver, 47576

[-- Attachment #1: Type: text/plain, Size: 1069 bytes --]

Oh! That would explain why I had so much trouble fixing/updating ibus and ibus-anthy!

We should probably fix ibus so it regenerates its cache when it's a different process. It could be as simple as using a subdirectory computed from the absolute name of the ibus binary, maybe.

Le 3 avril 2021 03:31:44 GMT-04:00, Mark H Weaver <mhw@netris.org> a écrit :
>I wrote:
>> I still have no clue where the reference to that mysterious old
>version
>> (/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22) is coming
>> from.
>
>I found them:
>
>  ~/.cache/ibus/bus/registry
>  /var/lib/gdm/.cache/ibus/bus/registry
>
>On my system, those files include absolute pathnames to programs in
>/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22, which I
>compiled last December.
>
>That old store item has been kept safe from GC for only one reason:
>because 'ibus-daemon', along with its subprocesses, tend to be running
>whenever I run "guix gc", and "guix gc" protects store items that are
>currently in use by active processes.
>
>      Mark

[-- Attachment #2: Type: text/html, Size: 1476 bytes --]

^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  7:12 ` Mark H Weaver
  2021-04-03  7:31   ` Mark H Weaver
@ 2021-04-03 13:16   ` Maxime Devos
  1 sibling, 0 replies; 10+ messages in thread
From: Maxime Devos @ 2021-04-03 13:16 UTC (permalink / raw)
  To: Mark H Weaver, 47576

[-- Attachment #1: Type: text/plain, Size: 1354 bytes --]

On Sat, 2021-04-03 at 03:12 -0400, Mark H Weaver wrote:
> [...]
> 
> The following ungrafted libraries are loaded by processes from the
> mysterious old version of 'ibus' on my system: glib, cairo, and libx11.
> I still have no clue where the reference to that mysterious old version
> (/gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22) is coming
> from.
> 
> Are other people seeing this?  Here's an easy way to check:
> 
> [...]
> 
> If you run this command, do you also see different 'ibus' store items
> used by the daemon and its subprocesses?

I also see different store items:

$ ps axf | grep -e -ibus-
> 1141 tty7     Sl     0:00  |           |   \_ /gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/bin/ibus-daemon --panel disable -r
--xim
> 1146 tty7     Sl     0:00  |           |       \_ /gnu/store/7m04iv3pks6m6p8czw1mj58194rnfjyy-ibus-1.5.22/libexec/ibus-dconf
> 1269 tty7     Sl     0:00  |           |       \_ /gnu/store/7m04iv3pks6m6p8czw1mj58194rnfjyy-ibus-1.5.22/libexec/ibus-engine-simple
> 1148 tty7     Sl     0:00 /gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/libexec/ibus-x11 --kill-daemon
> 25649 pts/5    S+     0:00      \_ grep --color=auto -e -ibus-

FWIW, this is on MATE.  (TODO to self: investigate why GNOME Shell crashes
after a few seconds.)

Greetings,
Maxime.

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 260 bytes --]

^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03 11:29     ` Julien Lepiller
@ 2021-04-03 21:10       ` Mark H Weaver
  0 siblings, 0 replies; 10+ messages in thread
From: Mark H Weaver @ 2021-04-03 21:10 UTC (permalink / raw)
  To: Julien Lepiller, 47576

Hi Julien,

Julien Lepiller <julien@lepiller.eu> writes:
> We should probably fix ibus so it regenerates its cache when it's a
> different process. It could be as simple as using a subdirectory
> computed from the absolute name of the ibus binary, maybe.

Would you like to try?

I won't be able to work more on this bug anytime soon, but I hope that
others will pick it up.

     Thanks,
       Mark




^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  7:31   ` Mark H Weaver
  2021-04-03 11:29     ` Julien Lepiller
@ 2021-04-09  9:06     ` Ludovic Courtès
  1 sibling, 0 replies; 10+ messages in thread
From: Ludovic Courtès @ 2021-04-09  9:06 UTC (permalink / raw)
  To: Mark H Weaver; +Cc: 47576

[-- Attachment #1: Type: text/plain, Size: 3296 bytes --]

Hi,

Mark H Weaver <mhw@netris.org> skribis:

> I found them:
>
>   ~/.cache/ibus/bus/registry
>   /var/lib/gdm/.cache/ibus/bus/registry
>
> On my system, those files include absolute pathnames to programs in
> /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22, which I
> compiled last December.

Looks like <https://issues.guix.gnu.org/22707>.

The problem seems to generally affect GLib/GNOME-ish caches.

From a quick look at ibusregistry.c & co, I think the values that end up
in the cache are taken from these XML files:

--8<---------------cut here---------------start------------->8---
$ grep /gnu/store $(find $(guix build ibus) -name \*.xml)
/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/share/ibus/component/gtkpanel.xml:	<exec>/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/libexec/ibus-ui-gtk3</exec>
/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/share/ibus/component/dconf.xml:	<exec>/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/libexec/ibus-dconf</exec>
/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/share/ibus/component/simple.xml:	<exec>/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/libexec/ibus-engine-simple</exec>
/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/share/ibus/component/gtkextension.xml:	<exec>/gnu/store/a7lxf1i35yqil6pxwxhzvr5q3xcqldyq-ibus-1.5.22/libexec/ibus-extension-gtk3</exec>
--8<---------------cut here---------------end--------------->8---

It’s the ‘components’ field of _IBusRegistryPrivate:

--8<---------------cut here---------------start------------->8---
struct _IBusRegistryPrivate {
    /* a list of IBusObservedPath objects. */
    GList *observed_paths;

    /* a list of IBusComponent objects that are created from component XML
     * files (or from the cache of them). */
    GList *components;

    gboolean changed;

    /* a mapping from GFile to GFileMonitor. */
    GHashTable *monitor_table;

    guint monitor_timeout_id;
};
--8<---------------cut here---------------end--------------->8---

The attached patch does the following:

  1. change the above <exec> file names in XML files to relative file
     names;

  2. change ibuscomponent.c to automatically prepend $libexecdir to
     <exec> items that are relative file names.

That way, XML files and thus caches should only contain relative file
names for ibus’ own executables.

The attached patch builds with:

  guix build ibus --with-patch=ibus=/tmp/ibus.patch

… but I don’t know if it actually works.  Testing welcome.  :-)

Unfortunately this strategy doesn’t help with IBus extensions:

--8<---------------cut here---------------start------------->8---
$ grep exec $(find $(guix build ibus-anthy) -name \*.xml)
/gnu/store/d3mfffz41as1blfb28m8n461j42i6zjr-ibus-anthy-1.5.9/share/ibus/component/anthy.xml:	<exec>/gnu/store/d3mfffz41as1blfb28m8n461j42i6zjr-ibus-anthy-1.5.9/libexec/ibus-engine-anthy --ibus</exec>
/gnu/store/d3mfffz41as1blfb28m8n461j42i6zjr-ibus-anthy-1.5.9/share/ibus/component/anthy.xml:	<engines exec="/gnu/store/d3mfffz41as1blfb28m8n461j42i6zjr-ibus-anthy-1.5.9/libexec/ibus-engine-anthy --xml" />
--8<---------------cut here---------------end--------------->8---

Thoughts?

Ludo’.


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: the patch --]
[-- Type: text/x-patch, Size: 4383 bytes --]

diff --git a/conf/dconf/dconf.xml.in b/conf/dconf/dconf.xml.in
index 4205cb0..538f500 100644
--- a/conf/dconf/dconf.xml.in
+++ b/conf/dconf/dconf.xml.in
@@ -3,7 +3,7 @@
 <component>
 	<name>org.freedesktop.IBus.Config</name>
 	<description>Dconf Config Component</description>
-	<exec>@libexecdir@/ibus-dconf</exec>
+	<exec>ibus-dconf</exec>
 	<version>@VERSION@</version>
 	<author>Daiki Ueno &lt;ueno@unixuser.org&gt;</author>
 	<license>GPL</license>
diff --git a/conf/memconf/memconf.xml.in b/conf/memconf/memconf.xml.in
index d6ea690..9f51bcc 100644
--- a/conf/memconf/memconf.xml.in
+++ b/conf/memconf/memconf.xml.in
@@ -2,7 +2,7 @@
 <component>
 	<name>org.freedesktop.IBus.Config</name>
 	<description>On-memory Config Component</description>
-	<exec>@libexecdir@/ibus-memconf</exec>
+	<exec>ibus-memconf</exec>
 	<version>@VERSION@</version>
 	<author>Peng Huang &lt;shawn.p.huang@gmail.com&gt;, modified by the Chromium OS Authors</author>
 	<license>GPL</license>
diff --git a/engine/simple.xml.in b/engine/simple.xml.in
index fc1541e..47cbea1 100644
--- a/engine/simple.xml.in
+++ b/engine/simple.xml.in
@@ -2,7 +2,7 @@
 <component>
 	<name>org.freedesktop.IBus.Simple</name>
 	<description>A table based simple engine</description>
-	<exec>@libexecdir@/ibus-engine-simple</exec>
+	<exec>ibus-engine-simple</exec>
 	<version>@VERSION@</version>
 	<author>Peng Huang &lt;shawn.p.huang@gmail.com&gt;</author>
 	<license>GPL</license>
diff --git a/src/Makefile.am b/src/Makefile.am
index a8e3d07..2c461ee 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -49,6 +49,7 @@ AM_CPPFLAGS =                                           \
     @GLIB2_CFLAGS@                                      \
     @GOBJECT2_CFLAGS@                                   \
     @GIO2_CFLAGS@                                       \
+    -DLIBEXECDIR=\"$(libexecdir)\"			\
     -DIBUS_CACHE_DIR=\""$(localstatedir)/cache/ibus"\"  \
     -DIBUS_DATA_DIR=\"$(pkgdatadir)\"                   \
     -DIBUS_DISABLE_DEPRECATION_WARNINGS                 \
diff --git a/src/Makefile.in b/src/Makefile.in
index 2a9c2ab..c3dfd87 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -613,6 +613,7 @@ CLEANFILES = $(am__append_2) $(BUILT_SOURCES) stamp-ibusmarshalers.h \
 # C preprocessor flags
 AM_CPPFLAGS = -DG_LOG_DOMAIN=\"IBUS\" @GLIB2_CFLAGS@ @GOBJECT2_CFLAGS@ \
 	@GIO2_CFLAGS@ \
+	-DLIBEXECDIR=\"$(libexecdir)\" \
 	-DIBUS_CACHE_DIR=\""$(localstatedir)/cache/ibus"\" \
 	-DIBUS_DATA_DIR=\"$(pkgdatadir)\" \
 	-DIBUS_DISABLE_DEPRECATION_WARNINGS -DIBUS_COMPILATION \
diff --git a/src/ibuscomponent.c b/src/ibuscomponent.c
index 9837f47..4b55a66 100644
--- a/src/ibuscomponent.c
+++ b/src/ibuscomponent.c
@@ -614,6 +614,18 @@ ibus_component_parse_engines (IBusComponent *component,
 
     if (exec != NULL) {
         gchar *output = NULL;
+
+        if (exec[0] != '/') {
+            /* EXEC is a relative file name, so assume it's the name of an
+               executable in $libexecdir and expand it.  */
+            GString *absolute = g_string_new (LIBEXECDIR);
+            g_string_append (absolute, "/");
+            g_string_append (absolute, exec);
+
+            g_free (exec);
+            exec = g_string_free (absolute, FALSE);
+        }
+
         if (g_spawn_command_line_sync (exec, &output, NULL, NULL, NULL)) {
             engines_node = ibus_xml_parse_buffer (output);
             g_free (output);
diff --git a/ui/gtk3/gtkextension.xml.in b/ui/gtk3/gtkextension.xml.in
index b8157c9..fc945ab 100644
--- a/ui/gtk3/gtkextension.xml.in
+++ b/ui/gtk3/gtkextension.xml.in
@@ -3,7 +3,7 @@
 <component>
 	<name>org.freedesktop.IBus.Panel.Extension</name>
 	<description>Gtk Panel Extension Component</description>
-	<exec>@libexecdir@/ibus-extension-gtk3</exec>
+	<exec>ibus-extension-gtk3</exec>
 	<version>@VERSION@</version>
 	<author>Takao Fujiwara &lt;takao.fujiwara1@gmail.com&gt;</author>
 	<license>GPL</license>
diff --git a/ui/gtk3/gtkpanel.xml.in b/ui/gtk3/gtkpanel.xml.in
index b61f400..2175b93 100644
--- a/ui/gtk3/gtkpanel.xml.in
+++ b/ui/gtk3/gtkpanel.xml.in
@@ -3,7 +3,7 @@
 <component>
 	<name>org.freedesktop.IBus.Panel</name>
 	<description>Gtk Panel Component</description>
-	<exec>@libexecdir@/ibus-ui-gtk3</exec>
+	<exec>ibus-ui-gtk3</exec>
 	<version>@VERSION@</version>
 	<author>Peng Huang &lt;shawn.p.huang@gmail.com&gt;</author>
 	<license>GPL</license>

^ permalink raw reply related	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-03  4:44 bug#47576: [security] ibus-daemon launches ungrafted subprocesses Mark H Weaver
  2021-04-03  4:51 ` Mark H Weaver
  2021-04-03  7:12 ` Mark H Weaver
@ 2021-04-20 14:51 ` Ricardo Wurmus
  2021-04-20 21:26   ` Ludovic Courtès
  2 siblings, 1 reply; 10+ messages in thread
From: Ricardo Wurmus @ 2021-04-20 14:51 UTC (permalink / raw)
  To: 47576

merge 47576 22707
thanks

Ludo, the patch looks good to me.  However, many ibus input 
methods are not provided by the ibus package itself, so for 
ibus-anthy or ibus-libpinyin we would need a different mechanism.

Would it make sense to introduce another environment variable 
(e.g. GUIX_IBUS_COMPONENTS_PATH) that specifies a search path on 
which components are looked up?  I feel that this partially 
defeats the purpose of having a cache, so perhaps this is 
nonsensical.

What do you think?

-- 
Ricardo




^ permalink raw reply	[flat|nested] 10+ messages in thread

* bug#47576: [security] ibus-daemon launches ungrafted subprocesses
  2021-04-20 14:51 ` Ricardo Wurmus
@ 2021-04-20 21:26   ` Ludovic Courtès
  0 siblings, 0 replies; 10+ messages in thread
From: Ludovic Courtès @ 2021-04-20 21:26 UTC (permalink / raw)
  To: Ricardo Wurmus; +Cc: 47576

[-- Attachment #1: Type: text/plain, Size: 966 bytes --]

Ricardo Wurmus <rekado@elephly.net> skribis:

> Ludo, the patch looks good to me.  However, many ibus input methods
> are not provided by the ibus package itself, so for ibus-anthy or
> ibus-libpinyin we would need a different mechanism.

Right.

> Would it make sense to introduce another environment variable
> (e.g. GUIX_IBUS_COMPONENTS_PATH) that specifies a search path on 
> which components are looked up?  I feel that this partially defeats
> the purpose of having a cache, so perhaps this is nonsensical.

That makes sense to me.

Attached is a variant of the previous patch that supports
GUIX_IBUS_COMPONENTS_DIRECTORY (not PATH because… it’s complicated).
It would be set to $HOME/.guix-profile/libexec.

We then need to modify the XML files of ibus-anthy, ibus-libpinyin,
etc. so that their <exec> tags use relative file names.

Thoughts?

Ludo’.

PS: IBus still builds with the patch, but that’s all I can say.  :-)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: the patch --]
[-- Type: text/x-patch, Size: 5613 bytes --]

diff --git a/conf/dconf/dconf.xml.in b/conf/dconf/dconf.xml.in
index 4205cb0..538f500 100644
--- a/conf/dconf/dconf.xml.in
+++ b/conf/dconf/dconf.xml.in
@@ -3,7 +3,7 @@
 <component>
 	<name>org.freedesktop.IBus.Config</name>
 	<description>Dconf Config Component</description>
-	<exec>@libexecdir@/ibus-dconf</exec>
+	<exec>ibus-dconf</exec>
 	<version>@VERSION@</version>
 	<author>Daiki Ueno &lt;ueno@unixuser.org&gt;</author>
 	<license>GPL</license>
diff --git a/conf/memconf/memconf.xml.in b/conf/memconf/memconf.xml.in
index d6ea690..9f51bcc 100644
--- a/conf/memconf/memconf.xml.in
+++ b/conf/memconf/memconf.xml.in
@@ -2,7 +2,7 @@
 <component>
 	<name>org.freedesktop.IBus.Config</name>
 	<description>On-memory Config Component</description>
-	<exec>@libexecdir@/ibus-memconf</exec>
+	<exec>ibus-memconf</exec>
 	<version>@VERSION@</version>
 	<author>Peng Huang &lt;shawn.p.huang@gmail.com&gt;, modified by the Chromium OS Authors</author>
 	<license>GPL</license>
diff --git a/engine/simple.xml.in b/engine/simple.xml.in
index fc1541e..47cbea1 100644
--- a/engine/simple.xml.in
+++ b/engine/simple.xml.in
@@ -2,7 +2,7 @@
 <component>
 	<name>org.freedesktop.IBus.Simple</name>
 	<description>A table based simple engine</description>
-	<exec>@libexecdir@/ibus-engine-simple</exec>
+	<exec>ibus-engine-simple</exec>
 	<version>@VERSION@</version>
 	<author>Peng Huang &lt;shawn.p.huang@gmail.com&gt;</author>
 	<license>GPL</license>
diff --git a/src/Makefile.am b/src/Makefile.am
index a8e3d07..2c461ee 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -49,6 +49,7 @@ AM_CPPFLAGS =                                           \
     @GLIB2_CFLAGS@                                      \
     @GOBJECT2_CFLAGS@                                   \
     @GIO2_CFLAGS@                                       \
+    -DLIBEXECDIR=\"$(libexecdir)\"			\
     -DIBUS_CACHE_DIR=\""$(localstatedir)/cache/ibus"\"  \
     -DIBUS_DATA_DIR=\"$(pkgdatadir)\"                   \
     -DIBUS_DISABLE_DEPRECATION_WARNINGS                 \
diff --git a/src/Makefile.in b/src/Makefile.in
index 2a9c2ab..c3dfd87 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -613,6 +613,7 @@ CLEANFILES = $(am__append_2) $(BUILT_SOURCES) stamp-ibusmarshalers.h \
 # C preprocessor flags
 AM_CPPFLAGS = -DG_LOG_DOMAIN=\"IBUS\" @GLIB2_CFLAGS@ @GOBJECT2_CFLAGS@ \
 	@GIO2_CFLAGS@ \
+	-DLIBEXECDIR=\"$(libexecdir)\" \
 	-DIBUS_CACHE_DIR=\""$(localstatedir)/cache/ibus"\" \
 	-DIBUS_DATA_DIR=\"$(pkgdatadir)\" \
 	-DIBUS_DISABLE_DEPRECATION_WARNINGS -DIBUS_COMPILATION \
diff --git a/src/ibuscomponent.c b/src/ibuscomponent.c
index 9837f47..ca875bd 100644
--- a/src/ibuscomponent.c
+++ b/src/ibuscomponent.c
@@ -613,16 +613,45 @@ ibus_component_parse_engines (IBusComponent *component,
     }
 
     if (exec != NULL) {
-        gchar *output = NULL;
-        if (g_spawn_command_line_sync (exec, &output, NULL, NULL, NULL)) {
-            engines_node = ibus_xml_parse_buffer (output);
-            g_free (output);
-
-            if (engines_node) {
-                if (g_strcmp0 (engines_node->name, "engines") == 0) {
-                    node = engines_node;
+        gint argc;
+        gchar **argv;
+
+        if (g_shell_parse_argv (exec, &argc, &argv, NULL)) {
+            gchar *output = NULL;
+            gchar *program = argv[0];
+
+            if (program[0] != '/') {
+                /* PROGRAM is a relative file name, so assume it's the name
+                   of an executable in LIBEXECDIR or
+                   $GUIX_IBUS_COMPONENTS_DIRECTORY and expand it.  */
+                const gchar *directory;
+                gchar *absolute;
+
+                directory = g_getenv ("GUIX_IBUS_COMPONENTS_DIRECTORY") ?: LIBEXECDIR;
+                absolute = g_malloc (strlen (directory) + strlen (program) + 2);
+                strcpy (absolute, directory);
+                strcat (absolute, "/");
+                strcat (absolute, program);
+
+                g_free (program);
+                argv[0] = absolute;
+            }
+
+            if (g_spawn_sync (NULL, argv, NULL,
+                              G_SPAWN_DEFAULT, NULL, NULL,
+                              &output, NULL,         /* stdout, stderr */
+                              NULL, NULL)) {
+                engines_node = ibus_xml_parse_buffer (output);
+                g_free (output);
+
+                if (engines_node) {
+                    if (g_strcmp0 (engines_node->name, "engines") == 0) {
+                        node = engines_node;
+                    }
                 }
             }
+
+            g_strfreev (argv);
         }
     }
 
diff --git a/ui/gtk3/gtkextension.xml.in b/ui/gtk3/gtkextension.xml.in
index b8157c9..fc945ab 100644
--- a/ui/gtk3/gtkextension.xml.in
+++ b/ui/gtk3/gtkextension.xml.in
@@ -3,7 +3,7 @@
 <component>
 	<name>org.freedesktop.IBus.Panel.Extension</name>
 	<description>Gtk Panel Extension Component</description>
-	<exec>@libexecdir@/ibus-extension-gtk3</exec>
+	<exec>ibus-extension-gtk3</exec>
 	<version>@VERSION@</version>
 	<author>Takao Fujiwara &lt;takao.fujiwara1@gmail.com&gt;</author>
 	<license>GPL</license>
diff --git a/ui/gtk3/gtkpanel.xml.in b/ui/gtk3/gtkpanel.xml.in
index b61f400..2175b93 100644
--- a/ui/gtk3/gtkpanel.xml.in
+++ b/ui/gtk3/gtkpanel.xml.in
@@ -3,7 +3,7 @@
 <component>
 	<name>org.freedesktop.IBus.Panel</name>
 	<description>Gtk Panel Component</description>
-	<exec>@libexecdir@/ibus-ui-gtk3</exec>
+	<exec>ibus-ui-gtk3</exec>
 	<version>@VERSION@</version>
 	<author>Peng Huang &lt;shawn.p.huang@gmail.com&gt;</author>
 	<license>GPL</license>

^ permalink raw reply related	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2021-04-20 21:27 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-04-03  4:44 bug#47576: [security] ibus-daemon launches ungrafted subprocesses Mark H Weaver
2021-04-03  4:51 ` Mark H Weaver
2021-04-03  7:12 ` Mark H Weaver
2021-04-03  7:31   ` Mark H Weaver
2021-04-03 11:29     ` Julien Lepiller
2021-04-03 21:10       ` Mark H Weaver
2021-04-09  9:06     ` Ludovic Courtès
2021-04-03 13:16   ` Maxime Devos
2021-04-20 14:51 ` Ricardo Wurmus
2021-04-20 21:26   ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).