Summary: | kwin_wayland blocks TMPDIR env variable inheritance in Plasma wayland session | ||
---|---|---|---|
Product: | [Plasma] kwin | Reporter: | Ardith Metz <itgvkxsd> |
Component: | wayland-generic | Assignee: | KWin default assignee <kwin-bugs-null> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | 1i5t5.duncan, notuxius, oxalicc |
Priority: | NOR | Keywords: | wayland |
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Other | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Sentry Crash Report: | |||
Attachments: | missing TZDIR breaks clock widget |
Description
Ardith Metz
2018-10-29 16:58:54 UTC
Can reproduce Operating System: KDE neon Developer Edition KDE Plasma Version: 5.14.80 Qt Version: 5.11.2 KDE Frameworks Version: 5.52.0 This is unrelated to KWin - KWin does not care about any env directories. It belongs to startup which could be ksmserver. Overall it's questionable whether we want to support env variable loading at all in Wayland as this is a security risk (at least KWin should not). (In reply to Martin Flöser from comment #2) > This is unrelated to KWin - KWin does not care about any env directories. It > belongs to startup which could be ksmserver. Thx. I asked on IRC under which component should I open this and they recommended Kwin as a roughly choice. > Overall it's questionable whether we want to support env variable loading at > all in Wayland as this is a security risk (at least KWin should not). I'm not sure what do you mean here. Ignoring /etc/profile.d, .profile, .pam_environment, .config/plasma-workspace/env? How do you setup working session without exporting env variables? How do you set correct LANG, scale dpi? Do you want to make wayland-session unconfigurable? Is the user config part of security threat scenario in wayland but not in X? In this specific case ignoring TMPDIR (which is changed from common shared dir to private user dir) make security worse not better. I've found the cause. 'kwin_ayland' binary is installed with 'CAP_SYS_NICE' file capability[1] which blocks 'TMPDIR' inheritance across the runtime chain. Removing that capability makes 'TMPDIR' correctly exported again. This was introduced in[2] and caused env variables inheritance issue already in[3]. I think the fix should be similar to the above - if TMPDIR var exist then pass it explicitly to child processes [1] https://github.com/KDE/kwin/blob/988ca97c96f11912a856f36daf5f044845044f7b/CMakeLists.txt#L702 [2] https://github.com/KDE/kwin/commit/7c8003f7f6212ccad7de652943f94d501365d30f [3] https://github.com/KDE/kwin/commit/eb69e87288d37fdb13eca32ca807ed8279f912af _This_ is why I was losing TMPDIR! So plasma wayland support is coming along well enough that I'm in the process of reconfiguring my desktop and workflow for wayland, and I've been struggling with apps behaving incorrectly. I just spent a bunch of time tracing down the misbehavior in at least one case to an unset TMPDIR, then using htop to read environments to try to figure out where it went missing. Sure enough it was kwin_wayland. I was on my way to filing a bug when I found this in my pre-file existing-bugs search. Now I know why, and I wonder how many other apps' misbehavior is tracing to this, and what other missing environment vars are laying traps for future misbehavior, as well. Thanks for tracking it down and reporting. I'd have /never/ figured out it was CAPS-related restrictions on my own! Luckily I'm on Gentoo and there's the USE=caps flag I can easily turn off for kwin until this is fixed (two years and counting already, I see). X is obviously running without realtime so it shouldn't cause any problems I'm not used to by now, and it looks to save me at least a handful and very possibly a whole slew of other problems. Created attachment 143023 [details] missing TZDIR breaks clock widget Hit this issue on NixOS, which default to have TZDIR=/etc/zoneinfo in both PAM and shell environment. But kwin_wayland dropped it due to the capability flag. This leads to all downstream processes including `plasmashell` and autostarted programs failed to find timezone data. It breaks the clock widgets, which show nothing on panel and meaningless strings and numbers in calendar. https://github.com/NixOS/nixpkgs/issues/143272 As in Plasma 5.25 with the new systemd based startup it's no longer an issue, see https://invent.kde.org/plasma/kwin/-/merge_requests/1590#note_350977 |