authorAlexander Larsson <alexl@redhat.com>2018-11-12 11:30:53 +0100
committerAlexander Larsson <alexander.larsson@gmail.com>2018-11-12 15:38:05 +0100
commit787aae0c838a9714c31eab4e5b4133a01257bdf4 (patch)
tree0c49a3cc948f42f64318d922c5e5749b2c341375
parent613fcfee5cbe9f40e3cbe35d3f8057b88d0a35fc (diff)
downloadflatpak-787aae0c838a9714c31eab4e5b4133a01257bdf4.tar.gz
Make per-app generated files read-only
We generate various configuration files for each sandbox instance, and expose them to the sandbox using flatpak_bwrap_add_args_data, which in the end passes --bind-data to bwrap. These files are not sensitive or shared, but it still doesn't really make sense for the sandbox to allow them to be modified, so let's switch them to --ro-bind-data. This affects these files in the sandbox: $HOME/.var/app/$APPID/config/user-dirs.dirs /etc/group /etc/ld.so.conf /etc/passwd /etc/pkcs11/modules/p11-kit-trust.module /etc/pkcs11/pkcs11.conf /etc/timezone /run/flatpak/ld.so.conf.d/*.conf /run/user/$UID/pulse/config /run/user/$UID/Xauthority (cherry picked from commit a71f6ef13b95404d29a76ca1e4d3f4c40ec4e39b)
-rw-r--r--common/flatpak-bwrap.c2
-rw-r--r--common/flatpak-run.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/common/flatpak-bwrap.c b/common/flatpak-bwrap.c
index fb912515..826fd621 100644
--- a/common/flatpak-bwrap.c
+++ b/common/flatpak-bwrap.c
@@ -245,7 +245,7 @@ flatpak_bwrap_add_args_data (FlatpakBwrap *bwrap,
if (!flatpak_buffer_to_sealed_memfd_or_tmpfile (&args_tmpf, name, content, content_size, error))
return FALSE;
- flatpak_bwrap_add_args_data_fd (bwrap, "--bind-data", glnx_steal_fd (&args_tmpf.fd), path);
+ flatpak_bwrap_add_args_data_fd (bwrap, "--ro-bind-data", glnx_steal_fd (&args_tmpf.fd), path);
return TRUE;
}
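Review bot: The read-only contract that flatpak_bwrap_add_args_data now imposes on every caller is not documented anywhere in the visible lines, so a future caller that needs a writable generated file has no hint that this helper is the wrong one. I would add a comment above the call such as `/* Generated per-instance files are exposed read-only: the sandboxed app must not be able to modify them. */`. It is also worth confirming that the minimum bubblewrap version the build accepts understands `--ro-bind-data`, since an older bwrap would presumably reject the argument and fail sandbox setup; that version check is not visible in this hunk. The function's signature and the start of its body lie outside the hunk.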
diff --git a/common/flatpak-run.c b/common/flatpak-run.c
index 04b7c800..8b660997 100644
--- a/common/flatpak-run.c
+++ b/common/flatpak-run.c
@@ -207,7 +207,7 @@ flatpak_run_add_x11_args (FlatpakBwrap *bwrap,
g_autofree char *dest = g_strdup_printf ("/run/user/%d/Xauthority", getuid ());
write_xauth (d, output);
- flatpak_bwrap_add_args_data_fd (bwrap, "--bind-data", tmp_fd, dest);
+ flatpak_bwrap_add_args_data_fd (bwrap, "--ro-bind-data", tmp_fd, dest);
flatpak_bwrap_set_env (bwrap, "XAUTHORITY", dest, TRUE);
}
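Review bot: The literal `"--ro-bind-data"` in flatpak_run_add_x11_args duplicates the one in flatpak_bwrap_add_args_data (common/flatpak-bwrap.c), so the read-only policy now lives in two separate strings that must be kept in sync by hand. Since this call site passes its own `tmp_fd` rather than going through that helper, a short comment would make the intent explicit, for example `/* Xauthority carries the X11 cookie; bind it read-only so the app cannot alter it. */`. How `tmp_fd` is created is outside the hunk, so it is worth checking that nothing on the host side keeps a writable handle to it after `write_xauth` returns. The enclosing block starts before the hunk.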