Package: gtkgreet Version: gtkgreet_0.8-1 Severity: normal Tags: patch X-Debbugs-Cc: [email protected]
Dear Maintainer, This greeter allows unauthenticated arbitrary commands to be executed from the login screen as the greeter user by simply typing them into the drop down box. Although this greeter does allow for loading a list of valid commands from /etc/greetd/environments, loading that file does not disable the ability to input arbitrary commands. Rather, it just adds them to a drop down of commands to be potentially executed on the login screen in addition to the ability to add arbitrary commands. As this is a security hole that could potentially allow for exploitation of the running system, I've made a patch that introduces a command line argument to disable the ability to input those arbitrary commands. Only allowing the existing commands from /etc/greetd/environments to be used. Rationale for making the patch: Unfortunately due to my use-case for one of my systems, I'm not able to avoid using this package as it is one of the few packages that actually allows that system to work as intended. sddm, gdm, lightdm, etc. All of them fail to work properly with the gamescope package (Which was removed from trixie, but is still in sid.) which segfaults when used under those display managers. greetd was the only login manager that would allow gamescope to work as intended while retaining a user login requirement, and gamescope was a hard dependency for my use-case. (Avoiding gamescope would require a massive rewrite of another app (opengamepadui) which is not currently available in Debian, but I've got working regardless.) -- System Information: Debian Release: 12.12 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 6.1.0-40-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Description: allow-disabling-custom-commands Allows disabling the text entry for the command box. Limiting the commands that can be run to the values in the environments file. Author: Patrick Hibbs <[email protected]> --- --- gtkgreet-0.8/gtkgreet/gtkgreet.h 2025-11-08 14:51:05.056868116 -0500 +++ gtkgreet-0.8/gtkgreet/gtkgreet.h 2025-11-08 14:51:33.693375535 -0500 @@ -27,6 +27,7 @@ gboolean use_layer_shell; #endif char* command; + gboolean disable_custom_commands; char* selected_command; enum QuestionType question_type; --- gtkgreet-0.8/gtkgreet/main.c 2025-11-08 14:47:28.017040230 -0500 +++ gtkgreet-0.8/gtkgreet/main.c 2025-11-08 14:50:36.988371232 -0500 @@ -19,6 +19,8 @@ static gboolean use_layer_shell = FALSE; #endif +static gboolean disable_custom_commands = FALSE; + static GOptionEntry entries[] = { @@ -28,6 +30,7 @@ { "command", 'c', 0, G_OPTION_ARG_STRING, &command, "Command to run", "sway"}, { "background", 'b', 0, G_OPTION_ARG_STRING, &background, "Background image to use", NULL}, { "style", 's', 0, G_OPTION_ARG_FILENAME, &style, "CSS style to use", NULL }, + { "disable-custom-commands", 'x', 0, G_OPTION_ARG_NONE, &disable_custom_commands, "Disable custom command entry", NULL}, { NULL } }; @@ -142,6 +145,7 @@ gtkgreet->use_layer_shell = use_layer_shell; #endif gtkgreet->command = command; + gtkgreet->disable_custom_commands = disable_custom_commands; if (background != NULL) { gtkgreet->background = gdk_pixbuf_new_from_file(background, &error); --- gtkgreet-0.8/gtkgreet/window.c 2025-11-08 14:54:53.492927324 -0500 +++ gtkgreet-0.8/gtkgreet/window.c 2025-11-08 15:10:46.630013038 -0500 @@ -113,7 +113,7 @@ gtk_container_add(GTK_CONTAINER(ctx->input_box), question_box); if (type == QuestionTypeInitial) { - ctx->command_selector = gtk_combo_box_text_new_with_entry(); + ctx->command_selector = (gtkgreet->disable_custom_commands == FALSE) ? gtk_combo_box_text_new_with_entry() : gtk_combo_box_text_new(); gtk_widget_set_name(ctx->command_selector, "command-selector"); gtk_widget_set_size_request(ctx->command_selector, 384, -1); config_update_command_selector(ctx->command_selector);
