attachments, in order:
(1) 0...the proposed patch to sugar
(2) suga..9.1 sugar part of a draft patch for 9.1, only read it if you're
interested, scarcely tested.
(3) 0...s-l proposed patch for sugar-toolkit
(4) tool...9.1 the sugar-toolkit part of the draft 9.1 patch
(5) 0...fixes some minor pylint cleanup to sugar, to be applied after
patch 1 above.
So, the important parts here are (1) and (3). Patch (1) makes sugar registry
service not add bundles unless they're in ~/Activities. (The registry can
add such bundles, but the service will refuse to). Patch (3) makes
activitybundle.py refuse to install loopholed activities unless called with
securitycheck=False.
From 4db7faf72edc7eaa2aa4631a98aa29819f2e5ec8 Mon Sep 17 00:00:00 2001
From: Jameson Quinn <[EMAIL PROTECTED]>
Date: Mon, 4 Aug 2008 19:17:11 -0600
Subject: [PATCH] bug #5657 - don't add bundles to registry unless they're in ~/Activities
---
service/bundleregistry.py |7 +--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/service/bundleregistry.py b/service/bundleregistry.py
index e7c30a8..5d3fec8 100644
--- a/service/bundleregistry.py
+++ b/service/bundleregistry.py
@@ -174,12 +174,15 @@ class BundleRegistry(gobject.GObject):
bundle_dirs.sort(lambda d1, d2: cmp(bundles[d1], bundles[d2]))
for folder in bundle_dirs:
try:
-self.add_bundle(folder)
+self.add_bundle(folder, securitycheck=False)
except Exception, e:
logging.error('Error while processing installed activity ' \
'bundle: %s, %s, %s' % (folder, e.__class__, e))
-def add_bundle(self, bundle_path):
+def add_bundle(self, bundle_path, securitycheck=True):
+if securitycheck and not bundle_path.startswith(
+os.path.expanduser("~/Activities")):
+return False
try:
bundle = ActivityBundle(bundle_path)
except MalformedBundleException:
--
1.5.2.5
diff --git a/service/activityregistryservice.py b/service/activityregistryservice.py
index 6ba5598..7b3415a 100644
--- a/service/activityregistryservice.py
+++ b/service/activityregistryservice.py
@@ -24,6 +24,11 @@ _ACTIVITY_REGISTRY_SERVICE_NAME = 'org.laptop.ActivityRegistry'
_ACTIVITY_REGISTRY_IFACE = 'org.laptop.ActivityRegistry'
_ACTIVITY_REGISTRY_PATH = '/org/laptop/ActivityRegistry'
+def log_it(s):
+f = file("/home/chema/.sugar/default/logs/hardcoded","ab")
+f.write(s+"\n")
+f.close()
+
class ActivityRegistry(dbus.service.Object):
def __init__(self):
bus = dbus.SessionBus()
@@ -64,11 +69,8 @@ class ActivityRegistry(dbus.service.Object):
@dbus.service.method(_ACTIVITY_REGISTRY_IFACE,
in_signature='', out_signature='aa{sv}')
def GetActivities(self):
-result = []
registry = bundleregistry.get_registry()
-for bundle in registry:
-result.append(self._bundle_to_dict(bundle))
-return result
+return (bundle for bundle in registry)
@dbus.service.method(_ACTIVITY_REGISTRY_IFACE,
in_signature='s', out_signature='a{sv}')
@@ -78,7 +80,8 @@ class ActivityRegistry(dbus.service.Object):
if not bundle:
return {}
-return self._bundle_to_dict(bundle)
+log_it("service about to return "+str(bundle))
+return bundle
@dbus.service.method(_ACTIVITY_REGISTRY_IFACE,
in_signature='s', out_signature='aa{sv}')
@@ -90,18 +93,15 @@ class ActivityRegistry(dbus.service.Object):
name = bundle.get_name().lower()
bundle_id = bundle.get_bundle_id().lower()
if name.find(key) != -1 or bundle_id.find(key) != -1:
-result.append(self._bundle_to_dict(bundle))
+result.append(bundle)
return result
@dbus.service.method(_ACTIVITY_REGISTRY_IFACE,
in_signature='s', out_signature='aa{sv}')
def GetActivitiesForType(self, mime_type):
-result = []
registry = bundleregistry.get_registry()
-for bundle in registry.get_activities_for_type(mime_type):
-result.append(self._bundle_to_dict(bundle))
-return result
+return registry.get_activities_for_type(mime_type)
@dbus.service.method(_ACTIVITY_REGISTRY_IFACE,
in_signature='sib', out_signature='')
@@ -127,32 +127,14 @@ class ActivityRegistry(dbus.service.Object):
def ActivityChanged(self, activity_info):
pass
-def _bundle_to_dict(self, bundle):
-registry = bundleregistry.get_registry()
-favorite = registry.is_bundle_favorite(bundle.get_bundle_id(),
- bundle.get_activity_version())
-x, y = registry.get_bundle_position(bundle.get_bundle_id(),
-bu