On Wed, Nov 08, 2023 at 02:20:22PM +0000, Klemens Nanni wrote:
> On Wed, Nov 08, 2023 at 03:11:33PM +0100, Landry Breuil wrote:
> > On Wed, Nov 08, 2023 at 02:56:53PM +0100, Landry Breuil wrote:
> > > if you want to go down that road, barring any glib madness about various
> > > ~/.cache or .local stuff, upower itself should only need wc on
> > > /var/db/upower/
> >
> > bah, spoke too fast, it also needs var/run/dbus to talk to the
> > systemwide dbus daemon:
> >
> > + if (unveil("/", "r") == -1)
> > + err(1, "unveil /");
> > + if (unveil("/var/run/dbus/", "rw") == -1)
> > + err(1, "unveil /var/run/dbus");
> > + if (unveil("/var/db/upower", "rwc") == -1)
> > + err(1, "unveil /var/db/upower");
> > + if (unveil(NULL, NULL) == -1)
> > + err(1, "unveil NULL");
> >
> > with that it seems to work here.
>
> I welcome this direction, but haven't gone through the code yet wrt.
> read/write/create file access -- not as easy as hunting for x bits,
> as you also demonstrated.
>
> If consensus is to use unveil() here, I'd be happy to start with a diff
> like mine and iterate.
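
Review bot: the first call, unveil("/", "r"), leaves the entire filesystem readable, so these calls only remove write, create and execute access outside /var/run/dbus and /var/db/upower; they do not limit what the daemon can read. If that is intended as a first step, a short comment above the block saying so would help, and the read set could be narrowed later to the paths the daemon actually opens. Minor: the second call passes "/var/run/dbus/" with a trailing slash while its err() message and the third call omit it; making them consistent would be tidier.
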
we're not the first ones to go this way :)

https://gitlab.freedesktop.org/upower/upower/-/blob/master/src/upower.service.in?ref_type=heads#L11

I'm pretty confident that rwc on /var/db/upower + rw on /var/run/dbus
should be enough for regular use. we create /var/db/upower in the
package, the code tries to recreate it/set modes in
https://gitlab.freedesktop.org/upower/upower/-/blob/master/src/up-history.c?ref_type=heads#L413
and then the history files are written/overwritten/created as needed in
https://gitlab.freedesktop.org/upower/upower/-/blob/master/src/up-history.c?ref_type=heads#L545

it might be possible to tighten the unveil by calling it later on but
for now it seems better than nothing.