From e244a78fbcbba3ab116f5a62f724a8f6cd926570 Mon Sep 17 00:00:00 2001 From: James Henstridge Date: Tue, 15 Jan 2019 15:59:46 +0800 Subject: [PATCH] gio: don't use O_PATH file descriptors with OpenURI portal This change relates to https://github.com/flatpak/xdg-desktop-portal/issues/167 The OpenURI portal requires the caller to pass a file descriptor as proof of access for local files. Old versions required this file descriptor to use the O_PATH mode. However, this does not prove access since you can create O_PATH descriptors for files that you can't read. Since xdg-desktop-portal 1.0.1, regular file descriptors are also accepted with O_PATH descriptors restricted to flatpaks for the transition. --- gio/gopenuriportal.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/gio/gopenuriportal.c b/gio/gopenuriportal.c index 38d60bf68..b798d7cd1 100644 --- a/gio/gopenuriportal.c +++ b/gio/gopenuriportal.c @@ -31,9 +31,6 @@ #include "gunixfdlist.h" #endif -#ifndef O_PATH -#define O_PATH 0 -#endif #ifndef O_CLOEXEC #define O_CLOEXEC 0 #else @@ -107,7 +104,7 @@ g_openuri_portal_open_uri (const char *uri, path = g_file_get_path (file); - fd = g_open (path, O_PATH | O_CLOEXEC); + fd = g_open (path, O_RDONLY | O_CLOEXEC); errsv = errno; if (fd == -1) { @@ -318,7 +315,7 @@ g_openuri_portal_open_uri_async (const char *uri, g_object_set_data (G_OBJECT (task), "open-file", GINT_TO_POINTER (TRUE)); path = g_file_get_path (file); - fd = g_open (path, O_PATH | O_CLOEXEC); + fd = g_open (path, O_RDONLY | O_CLOEXEC); errsv = errno; if (fd == -1) {