environment: Disallow all GDK backends

There is only a very limited subset of GTK that is usable from
within the compositor, and by now we should have replacements
for all of them in place.

On the other hands there is plenty that can go catastrophically
wrong in the rest. In particular on wayland, GTK must never open
a wayland display connection.

Make sure that extensions don't do anything silly, by disallowing
all GDK backends.

Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2680>
This commit is contained in:
Florian Müllner 2023-03-06 16:06:33 +01:00
parent e702641f41
commit 7a1b8f82e0

View File

@ -9,6 +9,7 @@ imports.gi.versions.Atspi = '2.0';
imports.gi.versions.Clutter = Config.LIBMUTTER_API_VERSION; imports.gi.versions.Clutter = Config.LIBMUTTER_API_VERSION;
imports.gi.versions.Cogl = Config.LIBMUTTER_API_VERSION; imports.gi.versions.Cogl = Config.LIBMUTTER_API_VERSION;
imports.gi.versions.Gcr = '4'; imports.gi.versions.Gcr = '4';
imports.gi.versions.Gdk = '4.0';
imports.gi.versions.Gdm = '1.0'; imports.gi.versions.Gdm = '1.0';
imports.gi.versions.Geoclue = '2.0'; imports.gi.versions.Geoclue = '2.0';
imports.gi.versions.Gio = '2.0'; imports.gi.versions.Gio = '2.0';
@ -42,7 +43,7 @@ try {
_injectSoup3Compat(Soup); _injectSoup3Compat(Soup);
} }
const { Clutter, Gio, GLib, GObject, Meta, Polkit, Shell, St } = imports.gi; const {Clutter, Gdk, Gio, GLib, GObject, Meta, Polkit, Shell, St} = imports.gi;
const Gettext = imports.gettext; const Gettext = imports.gettext;
const System = imports.system; const System = imports.system;
const SignalTracker = imports.misc.signalTracker; const SignalTracker = imports.misc.signalTracker;
@ -453,6 +454,9 @@ function init() {
Math.clamp = function (x, lower, upper) { Math.clamp = function (x, lower, upper) {
return Math.min(Math.max(x, lower), upper); return Math.min(Math.max(x, lower), upper);
}; };
// Prevent extensions from opening a display connection to ourselves
Gdk.set_allowed_backends('');
} }
// adjustAnimationTime: // adjustAnimationTime: