Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

flatpak-spawn: don't use locale conversion for env and sandbox-expose #65

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
+6 −4
Open

flatpak-spawn: don't use locale conversion for env and sandbox-expose #65

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2d1cfb4
flatpak-spawn: don't use locale conversion for env and sandbox-expose
2-www Apr 26, 2023
bf340a1
flatpak-spawn: fix flags
2-www Apr 26, 2023
4935555
flatpak-spawn: explain the FILENAME flag
2-www Apr 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions src/flatpak-spawn.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -796,14 +796,16 @@ main (int argc,
{ "watch-bus", 0, 0, G_OPTION_ARG_NONE, &opt_watch_bus, "Make the spawned command exit if we do", NULL },
{ "expose-pids", 0, 0, G_OPTION_ARG_NONE, &opt_expose_pids, "Expose sandbox pid in calling sandbox", NULL },
{ "share-pids", 0, 0, G_OPTION_ARG_NONE, &opt_share_pids, "Use same pid namespace as calling sandbox", NULL },
{ "env", 0, 0, G_OPTION_ARG_CALLBACK, &opt_env_cb, "Set environment variable", "VAR=VALUE" },
{ "unset-env", 0, 0, G_OPTION_ARG_CALLBACK, &opt_unset_env_cb, "Unset environment variable", "VAR=VALUE" },
// G_OPTION_FLAG_FILENAME is what we use to tell glib to treat the argument as an opaque string rather than try to convert it between locales
// see https://gitlab.gnome.org/GNOME/glib/-/blob/68ad8334b6c3ec51f9c3630123a54e9c79ed06a1/glib/goption.c#L1439
{ "env", 0, G_OPTION_FLAG_FILENAME, G_OPTION_ARG_CALLBACK, &opt_env_cb, "Set environment variable", "VAR=VALUE" },
{ "unset-env", 0, G_OPTION_FLAG_FILENAME, G_OPTION_ARG_CALLBACK, &opt_unset_env_cb, "Unset environment variable", "VAR=VALUE" },
Comment on lines +801 to +802
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At least you would want to add a comment explaining why you use the FILENAME flag, because otherwise somebody is going to come along and "fix" it because it doesn't look like a filename.

{ "env-fd", 0, 0, G_OPTION_ARG_CALLBACK, &option_env_fd_cb, "Read environment variables in env -0 format from FD", "FD" },
{ "latest-version", 0, 0, G_OPTION_ARG_NONE, &opt_latest_version, "Run latest version", NULL },
{ "sandbox", 0, 0, G_OPTION_ARG_NONE, &opt_sandbox, "Run sandboxed", NULL },
{ "no-network", 0, 0, G_OPTION_ARG_NONE, &opt_no_network, "Run without network access", NULL },
{ "sandbox-expose", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_sandbox_expose, "Expose access to named file", "NAME" },
{ "sandbox-expose-ro", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_sandbox_expose_ro, "Expose readonly access to named file", "NAME" },
{ "sandbox-expose", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &opt_sandbox_expose, "Expose access to named file", "NAME" },
{ "sandbox-expose-ro", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &opt_sandbox_expose_ro, "Expose readonly access to named file", "NAME" },
{ "sandbox-expose-path", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &opt_sandbox_expose_path, "Expose access to path", "PATH" },
{ "sandbox-expose-path-ro", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &opt_sandbox_expose_path_ro, "Expose readonly access to path", "PATH" },
{ "sandbox-expose-path-try", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &opt_sandbox_expose_path_try, "Expose access to path if it exists", "PATH" },
Expand Down