mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-01-23 07:08:17 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
417f3ca47ca2f620e6489b2a2cb437dbc803a37f
flatpak/common
History
Alexander Larsson 6bd603f683 persist directories: Pass using new bwrap --bind-fd option 
Instead of passing a /proc/self/fd bind mount we use --bind-fd, which
has two advantages:
 * bwrap closes the fd when used, so it doesn't leak into the started app
 * bwrap ensures that what was mounted was the passed in fd (same dev/ino),
   as there is a small (required) gap between symlink resolve and mount
   where the target path could be replaced.

Please note that this change requires an updated version of bubblewrap.

Resolves: CVE-2024-42472, GHSA-7hgv-f2j8-xw87
[smcv: Make whitespace consistent]
Co-authored-by: Simon McVittie <smcv@collabora.com>
Signed-off-by: Simon McVittie <smcv@collabora.com>
2024-08-12 19:33:33 +01:00
..
flatpak-appdata-private.h
flatpak-appdata.c
appdata: exclude <name> element inside <developer>
2024-03-12 08:31:08 -05:00
flatpak-auth-private.h
flatpak-auth.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-bundle-ref.c
utils: Move remaining direct ostree dependencies to repo-utils
2024-07-09 17:12:55 -03:00
flatpak-bundle-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-bwrap-private.h
Always allow app to inherit redirected fds from flatpak-run(1)
2024-02-13 13:48:38 +00:00
flatpak-bwrap.c
Fix missing declaration for g_fdwalk_set_cloexec() with GLib 2.80.x
2024-03-21 20:20:15 +00:00
flatpak-chain-input-stream-private.h
flatpak-chain-input-stream.c
flatpak-common-types-private.h
Add an option to share the pid namespace with the parent flatpak
2021-01-12 09:55:23 +01:00
flatpak-context-private.h
common: Move flatpak_context_get_allowed_exports to FlatpakContext
2024-05-03 13:21:29 +01:00
flatpak-context.c
persist directories: Pass using new bwrap --bind-fd option
2024-08-12 19:33:33 +01:00
flatpak-dir-private.h
common: Break out the parts of flatpak-utils that deal with FlatpakDir
2024-07-09 17:12:55 -03:00
flatpak-dir-utils-private.h
common: Break out the parts of flatpak-utils that deal with FlatpakDir
2024-07-09 17:12:55 -03:00
flatpak-dir-utils.c
common: Break out the parts of flatpak-utils that deal with FlatpakDir
2024-07-09 17:12:55 -03:00
flatpak-dir.c
dir: Use same mechanism for get_system/user_default_base_dir_location
2024-08-03 11:12:31 -05:00
flatpak-enum-types.c.template
enum-types: Make generated files more reproducible
2022-09-07 09:21:58 +02:00
flatpak-enum-types.h.template
enum-types: Make generated files more reproducible
2022-09-07 09:21:58 +02:00
flatpak-error.c
flatpak-error.h
common: Tweak error code docs
2021-02-09 09:36:59 +01:00
flatpak-exports-private.h
common: Move flatpak_abs_usrmerged_dirs to FlatpakExports
2023-07-03 20:07:57 +02:00
flatpak-exports.c
exports: Remove unused headers
2024-05-03 13:21:29 +01:00
flatpak-glib-backports-private.h
glib-backports: Use g_ascii_string_to_unsigned if GLib is new enough
2023-05-17 11:35:44 +01:00
flatpak-glib-backports.c
glib-backports: Use g_ascii_string_to_unsigned if GLib is new enough
2023-05-17 11:35:44 +01:00
flatpak-installation-private.h
flatpak-installation.c
update: Make autopruned refs automatically removed
2024-01-07 18:51:46 -06:00
flatpak-installation.h
flatpak-installation: Fix some typos in documentation comments
2021-06-14 15:30:59 +01:00
flatpak-installed-ref-private.h
flatpak-installed-ref.c
Revert "Add support for files generated by appstreamcli compose (#5277)"
2023-02-04 12:30:15 -06:00
flatpak-installed-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-instance-private.h
instance: Add flatpak_instance_get_run_environ()
2023-10-27 17:09:52 +01:00
flatpak-instance.c
instance: Add flatpak_instance_get_run_environ()
2023-10-27 17:09:52 +01:00
flatpak-instance.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-json-backports-private.h
common: Move json-glib backports to their own file
2023-05-17 11:35:44 +01:00
flatpak-json-oci-private.h
flatpak-json-oci.c
common: Explicitly include ostree.h where needed
2024-07-09 17:12:55 -03:00
flatpak-json-private.h
flatpak-json.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-locale-utils-private.h
common: Move locale utils to their own small translation unit
2023-11-14 18:39:22 +00:00
flatpak-locale-utils.c
locale-utils: Always get system locale languages from localed
2024-03-27 14:22:45 +00:00
flatpak-metadata-private.h
common: Move metadata to its own header
2023-07-03 20:07:57 +02:00
flatpak-oci-registry-private.h
common: Break out the parts of flatpak-utils that deal with FlatpakDir
2024-07-09 17:12:55 -03:00
flatpak-oci-registry.c
repo-utils: New header for some implementation details of a repository
2024-07-09 17:12:55 -03:00
flatpak-parental-controls-private.h
flatpak-parental-controls.c
common: Use g_info() for messages that will be shown by flatpak -v
2022-12-15 16:45:35 +00:00
flatpak-portal-error.c
flatpak-portal-error.h
flatpak-progress-private.h
flatpak-progress.c
common: Use g_info() for messages that will be shown by flatpak -v
2022-12-15 16:45:35 +00:00
flatpak-prune-private.h
common: Explicitly include ostree.h where needed
2024-07-09 17:12:55 -03:00
flatpak-prune.c
prune: Include flatpak-variant-private.h before its -impl-private.h
2024-07-09 17:12:55 -03:00
flatpak-ref-utils-private.h
common: Move declaration of get_compat_arch_reverse back to -utils
2023-07-03 20:07:57 +02:00
flatpak-ref-utils.c
ref-utils: Move flatpak_get_arch_for_ref() to here
2024-07-09 17:12:55 -03:00
flatpak-ref.c
utils: Remove unnecessary flatpak-ref-utils-private.h inclusion
2024-07-09 17:12:55 -03:00
flatpak-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-related-ref-private.h
flatpak-related-ref.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-related-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-remote-private.h
flatpak-remote-ref-private.h
flatpak-remote-ref.c
repo-utils: New header for some implementation details of a repository
2024-07-09 17:12:55 -03:00
flatpak-remote-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-remote.c
utils: Move more repository functionality to repo-utils
2024-07-09 17:12:55 -03:00
flatpak-remote.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-repo-utils-private.h
utils: Move remaining direct ostree dependencies to repo-utils
2024-07-09 17:12:55 -03:00
flatpak-repo-utils.c
repo-utils: Don't take ownership of the extra data source name
2024-08-03 11:12:31 -05:00
flatpak-run-cups-private.h
common: Split up socket setup from flatpak-run into multiple files
2023-05-15 19:54:51 +01:00
flatpak-run-cups.c
common: Split up socket setup from flatpak-run into multiple files
2023-05-15 19:54:51 +01:00
flatpak-run-dbus-private.h
common: Split up socket setup from flatpak-run into multiple files
2023-05-15 19:54:51 +01:00
flatpak-run-dbus.c
flatpak-run-dbus: Allow two AT-SPI Registry signals in
2024-07-09 09:23:32 -03:00
flatpak-run-private.h
utils: Remove unnecessary flatpak-ref-utils-private.h inclusion
2024-07-09 17:12:55 -03:00
flatpak-run-pulseaudio-private.h
common: Split up socket setup from flatpak-run into multiple files
2023-05-15 19:54:51 +01:00
flatpak-run-pulseaudio.c
common: Split up socket setup from flatpak-run into multiple files
2023-05-15 19:54:51 +01:00
flatpak-run-sockets-private.h
common: add support for Wayland security context
2023-08-24 12:17:53 +02:00
flatpak-run-sockets.c
Limit the usage of WAYLAND_SOCKET to an opt-in feature
2024-02-14 19:39:50 +00:00
flatpak-run-wayland-private.h
Limit the usage of WAYLAND_SOCKET to an opt-in feature
2024-02-14 19:39:50 +00:00
flatpak-run-wayland.c
Limit the usage of WAYLAND_SOCKET to an opt-in feature
2024-02-14 19:39:50 +00:00
flatpak-run-x11-private.h
common: Split up socket setup from flatpak-run into multiple files
2023-05-15 19:54:51 +01:00
flatpak-run-x11.c
Use g_steal_fd()
2023-09-04 13:25:32 +01:00
flatpak-run.c
run: Test whether sysfs mountpoints are accessible before mounting them
2024-07-16 17:54:27 +01:00
flatpak-syscalls-private.h
common: Add a list of recently-added Linux syscalls
2021-10-08 12:53:20 +02:00
flatpak-transaction-private.h
Transaction: Ensure we download the subsummary for the arch of added refs
2021-05-19 09:49:30 +02:00
flatpak-transaction.c
repo-utils: New header for some implementation details of a repository
2024-07-09 17:12:55 -03:00
flatpak-transaction.h
transaction: Add new flatpak_transaction_add_rebase_and_uninstall() API
2023-03-30 14:54:18 +02:00
flatpak-uri-private.h
uri: Don't do scheme-based normalization with GLib 2.66.x
2022-09-06 13:20:05 +02:00
flatpak-uri.c
uri: Don't rely on g_time_zone_new_offset()
2022-09-07 09:21:19 +02:00
flatpak-utils-base-private.h
common: Add flatpak_get_tzdir() helper
2024-06-21 11:12:57 -03:00
flatpak-utils-base.c
common: Simplify tzdir logic in flatpak_get_timezone
2024-06-21 11:12:57 -03:00
flatpak-utils-http-private.h
Move all use of soup APIs into flatpak-utils-http
2022-06-16 13:49:45 +02:00
flatpak-utils-http.c
utils-http: Add transfer speed timeout for libcurl HTTP downloads
2023-09-15 12:36:25 +01:00
flatpak-utils-private.h
utils: Remove flatpak-variant-private.h, no longer necessary
2024-07-09 17:12:55 -03:00
flatpak-utils.c
utils: Move remaining direct ostree dependencies to repo-utils
2024-07-09 17:12:55 -03:00
flatpak-version-macros.h.in
flatpak-xml-utils-private.h
xml-utils: Don't expose symbols that don't need to be visble
2024-05-03 13:21:29 +01:00
flatpak-xml-utils.c
xml-utils: Don't expose symbols that don't need to be visble
2024-05-03 13:21:29 +01:00
flatpak-zstd-decompressor-private.h
flatpak-zstd-decompressor.c
flatpak.c
flatpak.h
meson.build
utils: Move OstreeRepo configuration accessors to a new translation unit
2024-07-09 17:12:55 -03:00
test-lib.c
build: Consistently include libglnx header as "libglnx.h"
2022-04-11 10:32:34 +02:00
valgrind-private.h