From b29327c8badf9463c9dc3f4335ac78ab523b3b28 Mon Sep 17 00:00:00 2001 From: Michael Catanzaro Date: Mon, 15 Jun 2020 09:26:56 -0500 Subject: [PATCH] Enable web process sandbox This will make it a lot harder for Mozilla Corporation to hack our users via its privacy policy webpage! ;) --- gnome-initial-setup/gis-driver.c | 4 ++++ gnome-initial-setup/meson.build | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/gnome-initial-setup/gis-driver.c b/gnome-initial-setup/gis-driver.c index ae42d52c..a73442e8 100644 --- a/gnome-initial-setup/gis-driver.c +++ b/gnome-initial-setup/gis-driver.c @@ -26,6 +26,7 @@ #include #include #include +#include #include "cc-common-language.h" #include "gis-assistant.h" @@ -884,9 +885,12 @@ gis_driver_startup (GApplication *app) { GisDriver *driver = GIS_DRIVER (app); GisDriverPrivate *priv = gis_driver_get_instance_private (driver); + WebKitWebContext *context = webkit_web_context_get_default (); G_APPLICATION_CLASS (gis_driver_parent_class)->startup (app); + webkit_web_context_set_sandbox_enabled (context, TRUE); + if (priv->mode == GIS_DRIVER_MODE_NEW_USER) connect_to_gdm (driver); diff --git a/gnome-initial-setup/meson.build b/gnome-initial-setup/meson.build index 9a721dfa..c071d757 100644 --- a/gnome-initial-setup/meson.build +++ b/gnome-initial-setup/meson.build @@ -48,7 +48,7 @@ dependencies = [ dependency ('krb5'), dependency ('libsecret-1', version: '>= 0.18.8'), dependency ('pwquality'), - dependency ('webkit2gtk-4.0'), + dependency ('webkit2gtk-4.0', version: '>= 2.26.0'), cheese_dep, cheese_gtk_dep, ibus_dep, -- GitLab