mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-04-03 23:04:49 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
dcd24941c7087c5f7e8033abe50b178ac02a34af
flatpak/common
History
Simon McVittie dcd24941c7 run: Convert all environment variables into bwrap arguments 
This avoids some of them being filtered out by a setuid bwrap. It also
means that if they came from an untrusted source, they cannot be used
to inject arbitrary code into a non-setuid bwrap via mechanisms like
LD_PRELOAD.

Because they get bundled into a memfd or temporary file, they do not
actually appear in argv, ensuring that they remain inaccessible to
processes running under a different uid (which is important if their
values are tokens or other secrets).

Signed-off-by: Simon McVittie <smcv@collabora.com>
Part-of: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
2021-01-14 09:33:24 +01:00
..
flatpak-appdata-private.h
flatpak-appdata: Add support for extracting app content ratings
2019-10-03 10:42:04 +02:00
flatpak-appdata.c
appdata: Fix leak of id string.
2019-12-19 16:52:58 +01:00
flatpak-auth-private.h
authenticator: Fix sandboxed authenticators
2019-12-19 10:33:21 +01:00
flatpak-auth.c
By default, always try to auth to OCI remotes
2020-05-04 16:32:22 +02:00
flatpak-bundle-ref.c
Remove extra newlines in variable definiton blocks
2019-02-25 18:12:30 +00:00
flatpak-bundle-ref.h
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak-bwrap-private.h
run: Convert all environment variables into bwrap arguments
2021-01-14 09:33:24 +01:00
flatpak-bwrap.c
run: Convert all environment variables into bwrap arguments
2021-01-14 09:33:24 +01:00
flatpak-chain-input-stream-private.h
Don't use deprecated g_type_class_add_private API
2019-09-19 16:53:11 +00:00
flatpak-chain-input-stream.c
Don't use deprecated g_type_class_add_private API
2019-09-19 16:53:11 +00:00
flatpak-common-types-private.h
flatpak run: Add --parent-pid=$pid --parent-expose-pids
2019-11-27 14:21:25 +01:00
flatpak-context-private.h
Add --device=shm permission
2020-01-17 11:47:04 +01:00
flatpak-context.c
exports: Add host-etc and host-os keywords
2020-02-14 15:41:59 +01:00
flatpak-dir-private.h
dir: Change find_remote_auto_install_refs to get_remote_auto_install_authenticator_ref
2020-06-22 10:51:36 +02:00
flatpak-dir.c
dir: Fix caching of summary files
2020-11-17 13:19:50 +01:00
flatpak-enum-types.c.template
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak-enum-types.h.template
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak-error.c
Run uncrustify
2019-02-25 18:12:30 +00:00
flatpak-error.h
Add AUTHENTICATION_FAILED and NOT_AUTHORIZED error codes
2020-06-09 14:52:00 +02:00
flatpak-exports-private.h
exports: Add host-etc and host-os keywords
2020-02-14 15:41:59 +01:00
flatpak-exports.c
exports: Try harder to export usrmerge symlinks as symlinks
2020-08-21 13:14:16 +02:00
flatpak-installation-private.h
Export (private) flatpak_installation_get_dir()
2019-10-02 14:57:11 +02:00
flatpak-installation.c
portal: Add SpawnStarted and notify-start
2020-06-09 13:51:02 +02:00
flatpak-installation.h
installation: Formally deprecate deprecated methods
2020-03-25 12:56:56 +00:00
flatpak-installed-ref-private.h
flatpak-installed-ref: Add support for storing app content ratings
2019-10-03 10:42:04 +02:00
flatpak-installed-ref.c
Drop xa.sideload-collection remote option in favour of regular collection-id
2020-03-23 17:58:04 +01:00
flatpak-installed-ref.h
flatpak-installed-ref: Add support for storing app content ratings
2019-10-03 10:42:04 +02:00
flatpak-instance-private.h
Clean up duplicated instance collection code
2020-06-05 16:36:13 +02:00
flatpak-instance.c
Clean up duplicated instance collection code
2020-06-05 16:36:13 +02:00
flatpak-instance.h
Run uncrustify
2019-02-25 18:12:30 +00:00
flatpak-json-oci-private.h
oci: Add helpers to parse OCI delta index and manifest
2020-06-05 09:35:30 +02:00
flatpak-json-oci.c
OCI: Also look for the docker media type when looking manifests
2020-06-11 15:57:39 +02:00
flatpak-json-private.h
Cache the downloaded registry index in compressed form
2018-08-09 12:49:36 +00:00
flatpak-json.c
common: Don't shadow parameter variables
2020-03-16 09:29:31 +01:00
flatpak-oci-registry-private.h
oci: Handle io.github.containers.DeltaUrl in index
2020-06-05 09:35:30 +02:00
flatpak-oci-registry.c
OCI: extract appstream data for runtimes
2020-11-17 13:19:50 +01:00
flatpak-parental-controls-private.h
dir: Support filtering app installs/upgrades by user’s OARS settings
2019-10-03 10:42:04 +02:00
flatpak-parental-controls.c
parental-controls: fix read of uninitialized variable
2019-11-08 00:30:44 +09:00
flatpak-portal-error.c
common: Move flatpak-portal-error.[ch] back to common code
2018-04-26 07:41:17 +00:00
flatpak-portal-error.h
doc: Document FlatpakPortalError
2019-12-01 14:04:59 -05:00
flatpak-progress-private.h
FlatpakProgress: Clean up APIs for handling extra data
2020-03-27 17:23:13 +01:00
flatpak-progress.c
Fix extra-data progress reporting
2020-11-17 13:19:50 +01:00
flatpak-ref.c
ref: Fix a memory leak
2019-06-14 22:44:27 +00:00
flatpak-ref.h
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak-related-ref-private.h
Drop more collection_id use
2020-03-23 17:58:04 +01:00
flatpak-related-ref.c
Drop more collection_id use
2020-03-23 17:58:04 +01:00
flatpak-related-ref.h
Run uncrustify
2018-07-08 10:05:37 +00:00
flatpak-remote-private.h
lib: Only support FLATPAK_REMOTE_TYPE_STATIC remote types
2020-03-25 08:52:28 +01:00
flatpak-remote-ref-private.h
Drop xa.sideload-collection remote option in favour of regular collection-id
2020-03-23 17:58:04 +01:00
flatpak-remote-ref.c
dir: Add flatpak_remote_state_load_data() function
2020-03-24 16:15:23 +01:00
flatpak-remote-ref.h
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak-remote.c
lib: Only support FLATPAK_REMOTE_TYPE_STATIC remote types
2020-03-25 08:52:28 +01:00
flatpak-remote.h
lib Add flatpak_remote_new_from_file() to add remotes from flatpakrefs
2019-05-09 12:39:36 +00:00
flatpak-run-private.h
run: Add --instance-id-fd
2020-06-09 13:51:02 +02:00
flatpak-run.c
run: Convert all environment variables into bwrap arguments
2021-01-14 09:33:24 +01:00
flatpak-transaction-private.h
transaction: Change from installation_create_transaction() to transaction_new_for_installation()
2018-05-29 16:37:21 +02:00
flatpak-transaction.c
transaction: Don't crash on invalid ref names
2020-11-17 13:19:50 +01:00
flatpak-transaction.h
transaction: Add install-authenticator signal
2020-06-22 10:51:36 +02:00
flatpak-utils-base-private.h
common: Add a backport of G_DBUS_METHOD_INVOCATION_HANDLED
2021-01-14 09:33:24 +01:00
flatpak-utils-base.c
run: Always expose host /usr/share/zoneinfo (if possible)
2020-06-23 09:37:30 +02:00
flatpak-utils-http-private.h
Add content_type output to flatpak_load_uri()
2020-06-05 09:35:30 +02:00
flatpak-utils-http.c
Remove should-retry debug spew
2020-11-17 13:19:50 +01:00
flatpak-utils-private.h
Properly validate configured collection IDs
2020-08-21 13:14:16 +02:00
flatpak-utils.c
Properly validate configured collection IDs
2020-08-21 13:14:16 +02:00
flatpak-version-macros.h.in
doc: Fix a duplicate section
2019-12-02 07:45:51 -05:00
flatpak-zstd-decompressor-private.h
Add FlatpakZstdDecompressor converter (and libzstd dep)
2020-06-05 09:35:30 +02:00
flatpak-zstd-decompressor.c
oci: Make libzstd optional (and disable OCI deltas if not there)
2020-06-05 09:35:30 +02:00
flatpak.c
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak.h
Make FlatpakInstance api public
2018-10-08 08:36:23 +00:00
Makefile.am.inc
oci: Make libzstd optional (and disable OCI deltas if not there)
2020-06-05 09:35:30 +02:00
test-lib.c
installation: Formally deprecate deprecated methods
2020-03-25 12:56:56 +00:00
valgrind-private.h
Fix misspellings
2019-04-08 12:50:42 +00:00