mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-03-06 16:20:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

run: Pass environment variables via bwrap --setenv when running ldconfig

Browse Source 
This means we can systematically pass the environment variables
through bwrap(1), even if it is setuid and thus is filtering out
security-sensitive environment variables. bwrap ends up being
run with an empty environment instead.

This did not regress in 6d1773d "run: Convert all environment variables
into bwrap arguments", because the LD_LIBRARY_PATH special case in
flatpak_run_add_environment_args() was already not used here; but it's
a bug fix along the same lines as fixing the regression.

Signed-off-by: Simon McVittie <smcv@collabora.com>
This commit is contained in:
Simon McVittie
2021-01-18 17:53:31 +00:00
committed by Alexander Larsson
parent fb473cad80
commit baa5affb5e
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
common/flatpak-run.c
View File

@@ -3437,6 +3437,7 @@ regenerate_ld_cache (GPtrArray *base_argv_array,
"--dev", "/dev",
"--bind", flatpak_file_get_path_cached (ld_so_dir), "/run/ld-so-cache-dir",
NULL);
flatpak_bwrap_envp_to_args (bwrap);
if (!flatpak_bwrap_bundle_args (bwrap, 1, -1, FALSE, error))
return -1;