aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpsykose <alice@ayaya.dev>2022-10-02 16:20:58 +0000
committerpsykose <alice@ayaya.dev>2022-10-02 18:38:24 +0200
commit8999388e0b95a2747fdc456ee4980bf20a68ad49 (patch)
tree0c978894f8b18ee052621832ad69754b110b8b39
parent94f1f477c73c1f586a886a54abb4c544f9b4faa4 (diff)
community/webkit2gtk-5.0: fix dbus socket sandboxing
-rw-r--r--community/webkit2gtk-5.0/APKBUILD7
-rw-r--r--community/webkit2gtk-5.0/dbus-sandbox.patch16
2 files changed, 21 insertions, 2 deletions
diff --git a/community/webkit2gtk-5.0/APKBUILD b/community/webkit2gtk-5.0/APKBUILD
index 716b19f5d2e..1425657433b 100644
--- a/community/webkit2gtk-5.0/APKBUILD
+++ b/community/webkit2gtk-5.0/APKBUILD
@@ -4,7 +4,7 @@
# Maintainer: knuxify <knuxify@gmail.com>
pkgname=webkit2gtk-5.0
pkgver=2.38.0
-pkgrel=0
+pkgrel=1
pkgdesc="Portable web rendering engine WebKit for GTK+ - GTK4 version"
url="https://webkitgtk.org/"
# s390x: no desktop
@@ -56,7 +56,9 @@ makedepends="
"
options="!check" # upstream doesn't package them in release tarballs: Tools/Scripts/run-gtk-tests: Command not found
subpackages="$pkgname-dev $pkgname-lang $pkgname-dbg"
-source="https://webkitgtk.org/releases/webkitgtk-$pkgver.tar.xz"
+source="https://webkitgtk.org/releases/webkitgtk-$pkgver.tar.xz
+ dbus-sandbox.patch
+ "
builddir="$srcdir/webkitgtk-$pkgver"
# secfixes:
@@ -125,4 +127,5 @@ package() {
sha512sums="
8380d11eedec3c4eedf3a0f5591fd279ee42b28a38aaa13d7eb88f8a004cbe8aac7dc8f19409440e5c1272ad1555a781f1242bca6c89beed2dc5fd2de5f3d525 webkitgtk-2.38.0.tar.xz
+4304de753de6dfca5ac7efcf7d902b14aa48a7f69841a9c493c34e419b273f832a4085ce4456ca6b5400caab220937fd9c6ef2f544d2aeb9e0d111e1943d1e33 dbus-sandbox.patch
"
diff --git a/community/webkit2gtk-5.0/dbus-sandbox.patch b/community/webkit2gtk-5.0/dbus-sandbox.patch
new file mode 100644
index 00000000000..09782aee948
--- /dev/null
+++ b/community/webkit2gtk-5.0/dbus-sandbox.patch
@@ -0,0 +1,16 @@
+Patch-Source: https://gitlab.gnome.org/GNOME/epiphany/-/issues/1852#note_1565161
+--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
++++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+@@ -206,9 +206,10 @@ static void bindDBusSession(Vector<CStri
+ {
+ static std::unique_ptr<XDGDBusProxy> proxy = makeUnique<XDGDBusProxy>(XDGDBusProxy::Type::SessionBus, allowPortals);
+
+- if (!proxy->proxyPath().isNull() && !proxy->path().isNull()) {
++ if (!proxy->proxyPath().isNull()) {
+ args.appendVector(Vector<CString>({
+- "--bind", proxy->proxyPath(), proxy->path(),
++ "--bind", proxy->proxyPath(), "/run/webkitgtk/bus",
++ "--setenv", "DBUS_SESSION_BUS_ADDRESS", "unix:path=/run/webkitgtk/bus",
+ }));
+ }
+ }