isa/gnome-shell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7298ee23e9
gnome-shell/js
History
Florian Müllner 7298ee23e9 shellDBus: Use MetaContext:unsafe-mode to restrict Eval() 
The Eval() method is unarguably the most sensitive D-Bus method
we expose, since it allows running arbitrary code in the compositor.

It is currently tied to the `development-tools` settings that is
enabled by default. As users have become accustomed to the built-in
commands that are enabled by the same setting (restart, lg, ...),
that default cannot easily be changed.

In order to restrict the method without affecting the rather harmless
commands, guard it by the new MetaContext:unsafe-mode property instead
of the setting.

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/3943

Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1970>
2021-09-03 21:34:58 +00:00
..
dbusServices dbusServices/screencast: Handle pipeline failures gracefully 2021-06-09 15:21:35 +00:00
gdm gdm: Remove pending fingerprint verification failure 2021-04-28 17:23:01 +00:00
misc cleanup: Replace non-standard ByteArray module 2021-09-01 14:49:30 +00:00
perf perf: Add basic run tests 2020-08-12 15:43:39 +00:00
portalHelper portalHelper: Replace Soup.URI with GLib.Uri 2021-08-25 01:54:07 +02:00
ui shellDBus: Use MetaContext:unsafe-mode to restrict Eval() 2021-09-03 21:34:58 +00:00
js-resources.gresource.xml init: Set console log domain 2021-09-01 14:55:47 +00:00
meson.build
portal-resources.gresource.xml