util: Remove undesired variables from activation environment

Commit 646b9bc (included in 3.33.92) prevented one run of gnome-session from uploading environment variables into `systemd --user` that should not leak into a different login session, such as XDG_SESSION_ID. However, non-GNOME session managers (and in particular the forks of gnome-session found in Cinnamon and MATE) might still upload those environment variables. The other session managers should be fixed, similar to 646b9bc, but we can mitigate this for GNOME sessions by actively unsetting the undesired variables, instead of just not setting them. Signed-off-by: Simon McVittie <smcv@collabora.com> Resolves: https://gitlab.gnome.org/GNOME/gnome-session/-/issues/86
GNOME · Mar 29, 2021 · d44888f · d44888f
1 parent b519851
commit d44888f
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/gnome-session/gsm-util.c b/gnome-session/gsm-util.c
@@ -646,6 +646,8 @@ gsm_util_export_user_environment (GError     **error)
         g_variant_builder_open (&builder, G_VARIANT_TYPE ("as"));
         for (i = 0; variable_unsetlist[i] != NULL; i++)
                 g_variant_builder_add (&builder, "s", variable_unsetlist[i]);
+        for (i = 0; variable_blacklist[i] != NULL; i++)
+                g_variant_builder_add (&builder, "s", variable_blacklist[i]);
         g_variant_builder_close (&builder);
 
         g_variant_builder_open (&builder, G_VARIANT_TYPE ("as"));