After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 662220 - would like way to whitelist plugins
would like way to whitelist plugins
Status: RESOLVED FIXED
Product: gnome-settings-daemon
Classification: Core
Component: plugins
unspecified
Other Linux
: Normal normal
: ---
Assigned To: gnome-settings-daemon-maint
gnome-settings-daemon-maint
Depends on:
Blocks:
 
 
Reported: 2011-10-19 17:03 UTC by Ray Strode [halfline]
Modified: 2012-11-15 18:03 UTC
See Also:
GNOME target: 3.8
GNOME version: ---


Attachments
main: Add settings key to whitelist plugins (4.20 KB, patch)
2012-11-13 10:47 UTC, Bastien Nocera
committed Details | Review
data: use new g-s-d's plugin whitelist (5.43 KB, patch)
2012-11-13 22:33 UTC, Ray Strode [halfline]
committed Details | Review

Description Ray Strode [halfline] 2011-10-19 17:03:15 UTC
gdm only starts a subset of the gnome-settings-daemon plugins.  Right now we have a hard coded list, but if g-s-d gains a new one it will get started "automatically" without getting vetted for the login screen first.

It would be good if there was a whitelist gsettings key that can optionally limit the list of plugins to a pre-defined subset of the available ones.
Comment 1 Bastien Nocera 2011-10-19 17:05:44 UTC
Agreed.
Comment 2 Josselin Mouette 2011-10-20 21:36:27 UTC
Alternatively plugins could register themselves as “safe” (meaning safe to run as anonymous user), and a single boolean key could exclude all “unsafe“ plugins at once.
Comment 3 Bastien Nocera 2012-11-13 10:47:17 UTC
Created attachment 228869 [details] [review]
main: Add settings key to whitelist plugins

Rather than having gdm load all the new plugins by default,
especially when gnome-settings-daemon gets updated and gdm doesn't,
keep a list of whitelisted plugins. Only those can be enabled, others
will be unknown and ignored.

By default, all plugins are whitelisted.
Comment 4 Bastien Nocera 2012-11-13 10:50:38 UTC
(note, not run-time tested)
Comment 5 Ray Strode [halfline] 2012-11-13 17:40:20 UTC
Review of attachment 228869 [details] [review]:

Looks good.  Will do some testing and report back.

::: gnome-settings-daemon/gnome-settings-manager.c
@@ +208,3 @@
+	if (whitelist == NULL ||
+	    whitelist[0] == NULL ||
+	    g_strcmp0 (whitelist[0], "all") == 0)

can just use strcmp here since you already check for NULL. Alternatively, can drop the whitelist[0] check for NULL

@@ +409,1 @@
 

So this definitely won't work for changes at runtime.  I guess that's actually a good thing though.  We don't want to start loading a new plugin in an existing process when the old version of the plugin hasn't been made "safe" yet.
Comment 6 Bastien Nocera 2012-11-13 17:42:37 UTC
(In reply to comment #5)
> Review of attachment 228869 [details] [review]:
> 
> Looks good.  Will do some testing and report back.
> 
> ::: gnome-settings-daemon/gnome-settings-manager.c
> @@ +208,3 @@
> +    if (whitelist == NULL ||
> +        whitelist[0] == NULL ||
> +        g_strcmp0 (whitelist[0], "all") == 0)
> 
> can just use strcmp here since you already check for NULL. Alternatively, can
> drop the whitelist[0] check for NULL

Noted.

> So this definitely won't work for changes at runtime.  I guess that's actually
> a good thing though.  We don't want to start loading a new plugin in an
> existing process when the old version of the plugin hasn't been made "safe"
> yet.

Yep. As documented in the schema. I don't think it makes any sort of sense otherwise.
Comment 7 Ray Strode [halfline] 2012-11-13 19:20:54 UTC
Also, you inserted a bunch of tabs into a file that's using spaces.

Tested things, though, and after I spell whitelisted right (ahem) it works great!

thanks, much
Comment 8 Ray Strode [halfline] 2012-11-13 22:33:30 UTC
Created attachment 228938 [details] [review]
data: use new g-s-d's plugin whitelist

GDM tries to manually turn off unvetted or unwanted
gnome-settings-daemon plugins explicitly.  This requires
close coordination between gdm and gnome-settings-daemon to
make sure the lists down get out of sync.

gnome-settings-daemon now supports having an explicit whitelist,
which is a much more robust way to handle our needs.

This commit changes GDM's dconf configuration to use the new whitelist
setting, instead of expliciting turning off each unwanted plugin.
Comment 9 Ray Strode [halfline] 2012-11-13 22:34:09 UTC
(i've put the GDM half as attachment 228938 [details] [review] for safe keeping here until the settings-daemon stuff lands)
Comment 10 Bastien Nocera 2012-11-14 09:51:18 UTC
Attachment 228869 [details] pushed as 1dc03f2 - main: Add settings key to whitelist plugins
Comment 11 Ray Strode [halfline] 2012-11-15 18:03:40 UTC
Comment on attachment 228938 [details] [review]
data: use new g-s-d's plugin whitelist

Attachment 228938 [details] pushed as 4571d48 - data: use new g-s-d's plugin whitelist