diff options
author | psykose <alice@ayaya.dev> | 2022-10-02 16:20:58 +0000 |
---|---|---|
committer | psykose <alice@ayaya.dev> | 2022-10-02 18:38:24 +0200 |
commit | 8999388e0b95a2747fdc456ee4980bf20a68ad49 (patch) | |
tree | 0c978894f8b18ee052621832ad69754b110b8b39 | |
parent | 94f1f477c73c1f586a886a54abb4c544f9b4faa4 (diff) |
community/webkit2gtk-5.0: fix dbus socket sandboxing
-rw-r--r-- | community/webkit2gtk-5.0/APKBUILD | 7 | ||||
-rw-r--r-- | community/webkit2gtk-5.0/dbus-sandbox.patch | 16 |
2 files changed, 21 insertions, 2 deletions
diff --git a/community/webkit2gtk-5.0/APKBUILD b/community/webkit2gtk-5.0/APKBUILD index 716b19f5d2e..1425657433b 100644 --- a/community/webkit2gtk-5.0/APKBUILD +++ b/community/webkit2gtk-5.0/APKBUILD @@ -4,7 +4,7 @@ # Maintainer: knuxify <knuxify@gmail.com> pkgname=webkit2gtk-5.0 pkgver=2.38.0 -pkgrel=0 +pkgrel=1 pkgdesc="Portable web rendering engine WebKit for GTK+ - GTK4 version" url="https://webkitgtk.org/" # s390x: no desktop @@ -56,7 +56,9 @@ makedepends=" " options="!check" # upstream doesn't package them in release tarballs: Tools/Scripts/run-gtk-tests: Command not found subpackages="$pkgname-dev $pkgname-lang $pkgname-dbg" -source="https://webkitgtk.org/releases/webkitgtk-$pkgver.tar.xz" +source="https://webkitgtk.org/releases/webkitgtk-$pkgver.tar.xz + dbus-sandbox.patch + " builddir="$srcdir/webkitgtk-$pkgver" # secfixes: @@ -125,4 +127,5 @@ package() { sha512sums=" 8380d11eedec3c4eedf3a0f5591fd279ee42b28a38aaa13d7eb88f8a004cbe8aac7dc8f19409440e5c1272ad1555a781f1242bca6c89beed2dc5fd2de5f3d525 webkitgtk-2.38.0.tar.xz +4304de753de6dfca5ac7efcf7d902b14aa48a7f69841a9c493c34e419b273f832a4085ce4456ca6b5400caab220937fd9c6ef2f544d2aeb9e0d111e1943d1e33 dbus-sandbox.patch " diff --git a/community/webkit2gtk-5.0/dbus-sandbox.patch b/community/webkit2gtk-5.0/dbus-sandbox.patch new file mode 100644 index 00000000000..09782aee948 --- /dev/null +++ b/community/webkit2gtk-5.0/dbus-sandbox.patch @@ -0,0 +1,16 @@ +Patch-Source: https://gitlab.gnome.org/GNOME/epiphany/-/issues/1852#note_1565161 +--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp ++++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp +@@ -206,9 +206,10 @@ static void bindDBusSession(Vector<CStri + { + static std::unique_ptr<XDGDBusProxy> proxy = makeUnique<XDGDBusProxy>(XDGDBusProxy::Type::SessionBus, allowPortals); + +- if (!proxy->proxyPath().isNull() && !proxy->path().isNull()) { ++ if (!proxy->proxyPath().isNull()) { + args.appendVector(Vector<CString>({ +- "--bind", proxy->proxyPath(), proxy->path(), ++ "--bind", proxy->proxyPath(), "/run/webkitgtk/bus", ++ "--setenv", "DBUS_SESSION_BUS_ADDRESS", "unix:path=/run/webkitgtk/bus", + })); + } + } |