From: Liliana Marie Prikler <liliana.prikler@gmail.com>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>,
Jack Hill <jackhill@jackhill.us>
Cc: 53676@debbugs.gnu.org
Subject: [bug#53676] [PATCH 0/5] *** PulseAudio service improvements ***
Date: Tue, 08 Feb 2022 06:21:26 +0100 [thread overview]
Message-ID: <c94d187cfd689413c311e694ace4d62b32b0ad66.camel@gmail.com> (raw)
In-Reply-To: <87mtj2z4xe.fsf_-_@gmail.com>
Hi,
Am Montag, dem 07.02.2022 um 17:29 -0500 schrieb Maxim Cournoyer:
> Thanks for this! I wasn't aware of the history; I tried it and it
> failed the same. The following fix I attempted in webkitgtk did not
> seem to do anything:
>
> --8<---------------cut here---------------start------------->8---
> modified
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
> @@ -24,6 +24,7 @@
> #include <fcntl.h>
> #include <glib.h>
> #include <seccomp.h>
> +#include <string.h>
> #include <sys/ioctl.h>
> #include <sys/mman.h>
> #include <unistd.h>
> @@ -337,7 +338,16 @@ static void bindIfExists(Vector<CString>& args,
> const char* path, BindFlags bind
> bindType = "--ro-bind-try";
> else
> bindType = "--bind-try";
> - args.appendVector(Vector<CString>({ bindType, path, path }));
> +
> + // Canonicalize the source path, otherwise a symbolic link could
> + // point to a location outside of the namespace.
> + char canonicalPath[PATH_MAX];
> + if (!realpath(path, canonicalPath)) {
> + if (strlen(path) + 1 > PATH_MAX)
> + return; // too long of a path
> + strcpy(path, canonicalPath); // no-op
> + }
> + args.appendVector(Vector<CString>({ bindType, canonicalPath,
> path }));
> }
Apart from raw char arrays and string.h looking funny (and wrong) in
C++, what is strcpy supposed to do here? Would it work if we mapped
canonicalPath to path (i.e. `ls path' in the container would be `ls
canonicalPath' under the hood)?
Cheers
next prev parent reply other threads:[~2022-02-08 5:22 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-01 4:13 [bug#53676] [PATCH 0/5] *** PulseAudio service improvements *** Maxim Cournoyer
2022-02-01 4:19 ` [bug#53676] [PATCH 1/5] doc: Fix typo Maxim Cournoyer
2022-02-01 4:19 ` [bug#53676] [PATCH 2/5] services/sound: Normalize pulseaudio-configuration accessor names Maxim Cournoyer
2022-02-01 19:48 ` Liliana Marie Prikler
2022-02-01 20:18 ` Maxim Cournoyer
2022-02-01 21:29 ` Liliana Marie Prikler
2022-02-01 4:19 ` [bug#53676] [PATCH 3/5] gnu: pulseaudio: Graft to adjust configuration Maxim Cournoyer
2022-02-01 19:45 ` Liliana Marie Prikler
2022-02-01 20:20 ` Maxim Cournoyer
2022-02-01 21:37 ` Liliana Marie Prikler
2022-02-02 4:30 ` Maxim Cournoyer
2022-02-02 20:43 ` Liliana Marie Prikler
2022-02-06 6:30 ` [bug#53676] [PATCH 0/5] *** PulseAudio service improvements *** Maxim Cournoyer
2022-02-06 9:07 ` Liliana Marie Prikler
2022-02-24 16:31 ` Maxim Cournoyer
2022-02-24 20:26 ` Liliana Marie Prikler
2022-02-01 4:19 ` [bug#53676] [PATCH 4/5] services: pulseaudio: Add an extra-script-files configuration field Maxim Cournoyer
2022-02-01 19:56 ` Liliana Marie Prikler
2022-02-01 20:27 ` Maxim Cournoyer
2022-02-01 21:26 ` Liliana Marie Prikler
2022-02-02 3:44 ` Maxim Cournoyer
2022-02-02 20:07 ` Liliana Marie Prikler
2022-02-06 7:25 ` Maxim Cournoyer
2022-02-06 8:02 ` Liliana Marie Prikler
2022-02-24 16:25 ` Maxim Cournoyer
2022-02-01 4:19 ` [bug#53676] [PATCH 5/5] services: pulseaudio: Deploy the configuration files to /etc/pulse Maxim Cournoyer
2022-02-01 19:43 ` Liliana Marie Prikler
2022-02-02 22:43 ` Jack Hill
2022-02-07 22:29 ` [bug#53676] [PATCH 0/5] *** PulseAudio service improvements *** Maxim Cournoyer
2022-02-08 5:21 ` Liliana Marie Prikler [this message]
2022-02-08 14:25 ` Maxim Cournoyer
2022-02-08 19:31 ` Liliana Marie Prikler
2022-02-08 14:29 ` Maxim Cournoyer
2022-02-08 10:12 ` Maxime Devos
2022-02-08 14:27 ` Maxim Cournoyer
2022-02-24 16:36 ` Maxim Cournoyer
2022-02-24 14:42 ` [bug#53676] [PATCH 5/5] services: pulseaudio: Deploy the configuration files to /etc/pulse Maxim Cournoyer
2022-02-01 19:49 ` [bug#53676] [PATCH 1/5] doc: Fix typo Liliana Marie Prikler
2022-02-01 4:24 ` [bug#53676] [PATCH 0/5] *** PulseAudio service improvements *** Leo Famulari
2022-02-01 20:15 ` Maxim Cournoyer
2022-02-24 16:38 ` [bug#53676] [PATCH v2 1/4] services/sound: Normalize pulseaudio-configuration accessor names Maxim Cournoyer
2022-02-24 16:38 ` [bug#53676] [PATCH v2 2/4] gnu: pulseaudio: Graft to adjust configuration Maxim Cournoyer
2022-02-24 19:47 ` Liliana Marie Prikler
2022-02-24 22:00 ` Maxim Cournoyer
2022-02-25 5:20 ` Liliana Marie Prikler
2022-02-26 6:21 ` Maxim Cournoyer
2022-02-26 13:19 ` Liliana Marie Prikler
2022-02-26 14:14 ` bug#53676: " Maxim Cournoyer
2022-02-24 16:38 ` [bug#53676] [PATCH v2 3/4] services: pulseaudio: Add an extra-script-files configuration field Maxim Cournoyer
2022-02-24 18:53 ` Maxime Devos
2022-02-24 22:20 ` Maxim Cournoyer
2022-02-24 16:38 ` [bug#53676] [PATCH v2 4/4] services: pulseaudio: Deploy the configuration files to /etc/pulse Maxim Cournoyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c94d187cfd689413c311e694ace4d62b32b0ad66.camel@gmail.com \
--to=liliana.prikler@gmail.com \
--cc=53676@debbugs.gnu.org \
--cc=jackhill@jackhill.us \
--cc=maxim.cournoyer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.