From c8fa5e7299940792a1c4f5255150a4ce8aac7c54 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Tue, 1 May 2018 21:06:44 +0300 Subject: gtk+: do not look into $HOME when looking for modules Signed-off-by: Alexander Kanavin Signed-off-by: Ross Burton --- ...ok-into-HOME-when-looking-for-gtk-modules.patch | 29 ++++++++++++++++++++++ meta/recipes-gnome/gtk+/gtk+_2.24.32.bb | 3 ++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-gnome/gtk+/gtk+/0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch (limited to 'meta/recipes-gnome') diff --git a/meta/recipes-gnome/gtk+/gtk+/0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch b/meta/recipes-gnome/gtk+/gtk+/0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch new file mode 100644 index 0000000000..9201e45c39 --- /dev/null +++ b/meta/recipes-gnome/gtk+/gtk+/0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch @@ -0,0 +1,29 @@ +From 34ce93e1c50bfb88f92a687d4f82de55584f3f6a Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Wed, 11 Apr 2018 14:20:39 +0300 +Subject: [PATCH] Do not look into $HOME when looking for gtk modules + +On the host it causes host contamination, on the target it's a +potential security issue. Gtk+3 has already removed this. + +Upstream-Status: Inapproriate [gtk2 is in maintenance mode] +Signed-off-by: Alexander Kanavin +--- + gtk/gtkmodules.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/gtk/gtkmodules.c b/gtk/gtkmodules.c +index 50729b6..e09b583 100644 +--- a/gtk/gtkmodules.c ++++ b/gtk/gtkmodules.c +@@ -65,10 +65,6 @@ get_module_path (void) + if (result) + return result; + +- home_dir = g_get_home_dir(); +- if (home_dir) +- home_gtk_dir = g_build_filename (home_dir, ".gtk-2.0", NULL); +- + module_path_env = g_getenv ("GTK_PATH"); + exe_prefix = g_getenv ("GTK_EXE_PREFIX"); + diff --git a/meta/recipes-gnome/gtk+/gtk+_2.24.32.bb b/meta/recipes-gnome/gtk+/gtk+_2.24.32.bb index 20703588c3..89fca736b2 100644 --- a/meta/recipes-gnome/gtk+/gtk+_2.24.32.bb +++ b/meta/recipes-gnome/gtk+/gtk+_2.24.32.bb @@ -10,7 +10,8 @@ SRC_URI = "http://ftp.gnome.org/pub/gnome/sources/gtk+/2.24/gtk+-${PV}.tar.xz \ file://toggle-font.diff;striplevel=0 \ file://doc-fixes.patch \ file://strict-prototypes.patch \ - " + file://0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch \ + " SRC_URI[md5sum] = "d5742aa42275203a499b59b4c382a784" SRC_URI[sha256sum] = "b6c8a93ddda5eabe3bfee1eb39636c9a03d2a56c7b62828b359bf197943c582e" -- cgit 1.2.3-korg