On 12/11/25 07:19, Alyssa Ross wrote:
> Demi Marie Obenour <demiobenour@gmail.com> writes:
> 
>> On 12/10/25 07:47, Alyssa Ross wrote:
>>> Signed-off-by: Alyssa Ross <hi@alyssa.is>
>>> ---
>>>  host/rootfs/file-list.mk                      |  1 +
>>>  host/rootfs/image/etc/dbus-portal.conf.in     | 11 +++++++++++
>>>  .../template/data/service/dbus/run            |  8 +++++++-
>>>  .../xdg-desktop-portal-spectrum-host/run      |  2 ++
>>>  host/rootfs/image/usr/bin/run-appimage        |  1 +
>>>  host/rootfs/image/usr/bin/run-flatpak         |  1 +
>>>  host/rootfs/image/usr/bin/vm-import           |  1 +
>>>  host/rootfs/image/usr/bin/vm-start            | 19 ++++++++++++++++++-
>>>  8 files changed, 42 insertions(+), 2 deletions(-)
>>>  create mode 100644 host/rootfs/image/etc/dbus-portal.conf.in
>>>
>>> diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk
>>> index f69775d2..59d83b7e 100644
>>> --- a/host/rootfs/file-list.mk
>>> +++ b/host/rootfs/file-list.mk
>>> @@ -2,6 +2,7 @@
>>>  # SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com>
>>>  
>>>  FILES = \
>>> +	image/etc/dbus-portal.conf.in \
>>>  	image/etc/fonts/fonts.conf \
>>>  	image/etc/fstab \
>>>  	image/etc/init \
>>> diff --git a/host/rootfs/image/etc/dbus-portal.conf.in b/host/rootfs/image/etc/dbus-portal.conf.in
>>> new file mode 100644
>>> index 00000000..3e0e6725
>>> --- /dev/null
>>> +++ b/host/rootfs/image/etc/dbus-portal.conf.in
>>> @@ -0,0 +1,11 @@
>>> +<?xml version="1.0" encoding="UTF-8"?>
>>> +<!-- SPDX-License-Identifier: CC0-1.0 -->
>>> +<!-- SPDX-FileCopyrightText: 2025 Alyssa Ross <hi@alyssa.is> -->
>>> +<!DOCTYPE busconfig SYSTEM "busconfig.dtd">
>>> +<busconfig>
>>> +  <include>/usr/share/dbus-1/session.conf</include>
>>> +
>>> +  <policy context="default">
>>> +    <allow user="@XDP_SPECTRUM_USER@"/>
>>> +  </policy>
>>> +</busconfig>
>>> diff --git a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run
>>> index 83e97c65..20f1daff 100755
>>> --- a/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run
>>> +++ b/host/rootfs/image/etc/s6-linux-init/run-image/service/vm-services/template/data/service/dbus/run
>>> @@ -4,11 +4,17 @@
>>>  
>>>  importas -i VM VM
>>>  
>>> +if {
>>> +  redirfd -w 1 data/dbus.conf
>>> +  sed "s/@XDP_SPECTRUM_USER@/xdp-spectrum-${VM}/g" /etc/dbus-portal.conf.in
>>> +}
>>
>> This makes me nervous.  I know that $VM is trusted, but I'd feel
>> better if this was validated with a case command.  There's a bug in
>> case that makes this not work properly, but that's fixed in execline
>> git right now.
> 
> I don't think this is necessary, because as you say it's trusted.  There
> shouldn't be any way to invoke this script with elevated permissions
> anyway, so it's not doing anything that whatever is invoking it couldn't
> just do themself.

It's more that I prefer to avoid unnecessary places where bad input
can lead to code execution.  Using awk to substitute would also make
this easy.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)