From 02c64c25d241f79404a9807291f2dd334a9c05ce Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Wed, 23 Sep 2015 14:07:21 -0400
Subject: [PATCH] libgirepository: Refuse to run in setuid applications

We know of at least one privilege escalation path via
`GI_TYPELIB_PATH`.  I don't want to audit for others.  If someone
shows up with a use case we can talk.

https://bugzilla.gnome.org/show_bug.cgi?id=755472
---
 girepository.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/girepository.c b/girepository.c
index 4723c951f..97074a8ce 100644
--- a/girepository.c
+++ b/girepository.c
@@ -27,6 +27,10 @@
 #include <string.h>
 #include <stdlib.h>
 
+#ifdef HAVE_GETAUXVAL
+#include <sys/auxv.h>
+#endif
+
 #include <glib.h>
 #include <glib/gprintf.h>
 #include <gmodule.h>
@@ -147,6 +151,14 @@ init_globals (void)
   if (!g_once_init_enter (&initialized))
     return;
 
+#ifdef HAVE_GETAUXVAL
+  if (getauxval (AT_SECURE))
+    {
+      g_printerr ("error: libgirepository.so (gobject-introspection) is not audited for use in setuid applications\nSee https://bugzilla.gnome.org/show_bug.cgi?id=755472\n");
+      _exit (1);
+    }
+#endif
+
   if (default_repository == NULL)
     default_repository = g_object_new (G_TYPE_IREPOSITORY, NULL);