[GTK][WPE] Fix sandbox on distros with suid bubblewrap
https://bugs.webkit.org/show_bug.cgi?id=190616
Patch by Patrick Griffis <pgriffis@igalia.com> on 2018-10-16
Reviewed by Michael Catanzaro.
* UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
(WebKit::bubblewrapSpawn):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@237190 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
index ad7e192..706b879 100644
--- a/Source/WebKit/ChangeLog
+++ b/Source/WebKit/ChangeLog
@@ -1,3 +1,13 @@
+2018-10-16 Patrick Griffis <pgriffis@igalia.com>
+
+ [GTK][WPE] Fix sandbox on distros with suid bubblewrap
+ https://bugs.webkit.org/show_bug.cgi?id=190616
+
+ Reviewed by Michael Catanzaro.
+
+ * UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
+ (WebKit::bubblewrapSpawn):
+
2018-10-16 Alex Christensen <achristensen@webkit.org>
Replace HistoryItem* with HistoryItem& where possible
diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
index 6084d69..4ce73ef 100644
--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
+++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
@@ -666,6 +666,15 @@
// We would have to parse ld config files for more info.
bindPathVar(sandboxArgs, "LD_LIBRARY_PATH");
+ const char* libraryPath = g_getenv("LD_LIBRARY_PATH");
+ if (libraryPath && libraryPath[0]) {
+ // On distros using a suid bwrap it drops this env var
+ // so we have to pass it through to the children.
+ sandboxArgs.appendVector(Vector<CString>({
+ "--setenv", "LD_LIBRARY_PATH", libraryPath,
+ }));
+ }
+
bindSymlinksRealPath(sandboxArgs, "/etc/resolv.conf");
bindSymlinksRealPath(sandboxArgs, "/etc/localtime");
