[PATCH] Firefox - Fix Japanese input by expanding unveiled directories

Bryan Linton
Hello ports@

After upgrading to Firefox 71, I was no longer able to input
Japanese due to the newly-added unveil and pledge support.  After
some debugging, I found that adding the following lines to
/etc/firefox/unveil.main allowed me to input Japanese as usual.

---------8<----------
--- /usr/local/lib/firefox/browser/defaults/preferences/unveil.main Sat Dec 21 15:08:23 2019
+++ /etc/firefox/unveil.main Fri Jan  3 12:25:53 2020
@@ -3,6 +3,12 @@
 /dev/video rw
 /dev/video0 rw
 
+# for launching the anthy input method from uim
+/etc/anthy-conf r
+~/.anthy r
+~/.tomoe r
+~/.uim.d r
+
 /etc/fonts r
 /etc/machine-id r
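
Review bot: the comment above the four new entries names only anthy and uim, so the ~/.tomoe r line is granted with no stated reason. If these lines are carried into the packaged default, every user gets all four read grants whether or not they use uim. Suggest one comment per path saying which component reads it, and confirming each entry is needed by removing it and retesting input, so the set stays minimal and single entries can be dropped later.
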
---------8<----------

However, this raises some interesting questions.  How far down
this path do we want to go?  The above patch enables the UIM+Anthy
combination to work again, but what about SCIM+Anthy?  Ibus+Anthy?
SCIM+Pinyin?  There are 26 ports in ports/inputmethods; do all of
them get added to unveil.main?

While I'm aware that adding every possible contingency to unveil
largely defeats its purpose, I'm also concerned that the
alternative would be users simply disabling pledge+unveil
entirely if they find that they can no longer input CJK text.

Which then brings us full circle to the security model of unveil
being defeated...

That being the case, perhaps adding a short blurb like the
following to Firefox's pkg-readme would be a better way to go.

---------8<----------
--- README Sat Jan  4 11:22:21 2020
+++ README.new Sat Jan  4 11:25:11 2020
@@ -28,6 +28,23 @@
 Each file can be overridden by copying it to ${SYSCONFDIR}/firefox/
 and modifying it.
 
+CJK IMEs
+========
+Due to unveil(2) limiting filesystem access, CJK IMEs will not
+work with the default unveil permissions.  To enable the use of
+CJK IMEs, one must first identify which files in /etc and /home
+that the IME uses, and then add them to unveil.main by following
+the instructions in the above section.
+
+For example, the UIM+Anthy combination needs the following lines
+added to unveil.main:
+
+ # for launching the anthy input method from uim
+ /etc/anthy-conf r
+ ~/.anthy r
+ ~/.tomoe r
+ ~/.uim.d r
+
 3rd-Party MIME Handlers
 =======================
 Due to unveil(2) limiting filesystem access, only the default MIME
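
Review bot: the new "CJK IMEs" paragraph tells users to "identify which files in /etc and /home that the IME uses" but gives no way to do that, and the sentence is ungrammatical ("which files ... that the IME uses"). Suggest rewording to "identify which files in /etc and in the home directory the IME uses" and adding a sentence on how to find them. The text also says /home while the example entries are written with ~/, so one form should be used throughout.
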
---------8<----------

This would give users a hint of where and what to look for if they
find their IME no longer working, but would avoid going down the
rabbit hole of adding dozens upon dozens of exceptions to unveil.

Either way, I'm definitely grateful for all the work the
developers have put in to get pledge+unveil support added to
mainline Firefox.

Thank you for all the hard work!

--
Bryan
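
The override mechanism discussed in this message works by copying unveil.main to /etc/firefox/ and editing it, so a local copy accumulates additions and stops tracking the packaged default. The following is an added example, not part of the thread or of the Firefox port: a small shell audit that lists what an override adds and what it lacks relative to the default. The function names, the "<path> <perms>" format assumption and the BROAD-PATH heuristic are assumptions made for this example, and the sample data is constructed.

```shell
#!/bin/sh
# Added example, not from the thread: audit a local unveil.main override
# against the packaged default. Assumed format, from the patch lines:
# "<path> <perms>" per line, '#' comments, no whitespace inside paths.

# Print the "path perms" entries of file $1, sorted and de-duplicated.
unveil_entries() {
    awk 'NF == 0 || $1 ~ /^#/ { next } { print $1, $2 }' "$1" | LC_ALL=C sort -u
}

# unveil_cmp FLAG DEFAULT OVERRIDE (FLAG is passed to comm(1)):
#   -13  entries only in the override (local additions)
#   -23  entries only in the default (absent from the override)
unveil_cmp() {
    _d=$(mktemp) && _o=$(mktemp) || return 1
    unveil_entries "$2" > "$_d"
    unveil_entries "$3" > "$_o"
    LC_ALL=C comm "$1" "$_d" "$_o"
    rm -f "$_d" "$_o"
}

# Tag each local addition so wide grants stand out. The BROAD-PATH list
# is a heuristic chosen for this example.
unveil_review() {
    unveil_cmp -13 "$1" "$2" | awk '
        { tag = ($2 ~ /[wcx]/) ? "WIDER-THAN-READ" : "read-only" }
        $1 == "~" || $1 == "/" || $1 == "/home" { tag = tag ",BROAD-PATH" }
        { print tag ": " $1 " " $2 }'
}

# Constructed sample data: the default holds the context lines visible in
# the patch; the override adds the four uim+anthy lines, one deliberately
# over-broad entry ("~ rwc"), and lacks /etc/machine-id.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '/dev/video rw' '/dev/video0 rw' '' \
        '/etc/fonts r' '/etc/machine-id r' > "$dir/default"
    printf '%s\n' '/dev/video rw' '/dev/video0 rw' '' \
        '# for launching the anthy input method from uim' \
        '/etc/anthy-conf r' '~/.anthy r' '~/.tomoe r' '~/.uim.d r' \
        '~ rwc' '/etc/fonts r' > "$dir/override"
    echo "local additions:";       unveil_review "$dir/default" "$dir/override"
    echo "missing from override:"; unveil_cmp -23 "$dir/default" "$dir/override"
    rm -rf "$dir"
}
demo
```

On a real system the two arguments would be the packaged unveil.main and the copy in /etc/firefox/, the two files named in the diff header above.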

Re: [PATCH] Firefox - Fix Japanese input by expanding unveiled directories

Landry Breuil-5
On Sat, Jan 04, 2020 at 12:53:23PM +0900, Bryan Linton wrote:

> Hello ports@
>
> After upgrading to Firefox 71, I was no longer able to input
> Japanese due to the newly-added unveil and pledge support.  After
> some debugging, I found that adding the following lines to
> /etc/firefox/unveil.main allowed me to input Japanese as usual.
>
> ---------8<----------
> --- /usr/local/lib/firefox/browser/defaults/preferences/unveil.main Sat Dec 21 15:08:23 2019
> +++ /etc/firefox/unveil.main Fri Jan  3 12:25:53 2020
> @@ -3,6 +3,12 @@
>  /dev/video rw
>  /dev/video0 rw
>  
> +# for launching the anthy input method from uim
> +/etc/anthy-conf r
> +~/.anthy r
> +~/.tomoe r
> +~/.uim.d r
> +
>  /etc/fonts r
>  /etc/machine-id r
> ---------8<----------
>
> However, this raises some interesting questions.  How far down
> this path do we want to go?  The above patch enables the UIM+Anthy
> combination to work again, but what about SCIM+Anthy?  Ibus+Anthy?
> SCIM+Pinyin?  There are 26 ports in ports/inputmethods; do all of
> them get added to unveil.main?
>
> While I'm aware that adding every possible contingency to unveil
> largely defeats its purpose, I'm also concerned that the
> alternative would be users simply disabling pledge+unveil
> entirely if they find that they can no longer input CJK text.
>
> Which then brings us full circle to the security model of unveil
> being defeated...
>
> That being the case, perhaps adding a short blurb like the
> following to Firefox's pkg-readme would be a better way to go.

I don't have a preference between those, and I'm fine with each of them.

Re: [PATCH] Firefox - Fix Japanese input by expanding unveiled directories

Marc Espie-2
In reply to this post by Bryan Linton
On Sat, Jan 04, 2020 at 12:53:23PM +0900, Bryan Linton wrote:

> Hello ports@
>
> After upgrading to Firefox 71, I was no longer able to input
> Japanese due to the newly-added unveil and pledge support.  After
> some debugging, I found that adding the following lines to
> /etc/firefox/unveil.main allowed me to input Japanese as usual.
>
> ---------8<----------
> --- /usr/local/lib/firefox/browser/defaults/preferences/unveil.main Sat Dec 21 15:08:23 2019
> +++ /etc/firefox/unveil.main Fri Jan  3 12:25:53 2020
> @@ -3,6 +3,12 @@
>  /dev/video rw
>  /dev/video0 rw
>  
> +# for launching the anthy input method from uim
> +/etc/anthy-conf r
> +~/.anthy r
> +~/.tomoe r
> +~/.uim.d r
> +
>  /etc/fonts r
>  /etc/machine-id r
> ---------8<----------
>
> However, this raises some interesting questions.  How far down
> this path do we want to go?  The above patch enables the UIM+Anthy
> combination to work again, but what about SCIM+Anthy?  Ibus+Anthy?
> SCIM+Pinyin?  There are 26 ports in ports/inputmethods; do all of
> them get added to unveil.main?
>
> While I'm aware that adding every possible contingency to unveil
> largely defeats its purpose, I'm also concerned that the
> alternative would be users simply disabling pledge+unveil
> entirely if they find that they can no longer input CJK text.
>
> Which then brings us full circle to the security model of unveil
> being defeated...

Let's be practical here.

It's already a pain in the ass to figure out how to input non-European
scripts into programs. So if you add one more step, people are very
likely to just disable unveil.

I say we should go for what people actually use AND can test.

So, you're using one specific method to input Japanese characters.
Let's start with adding THAT one.

And let's tell people (on this ml, or possibly in the README) to
chime in with whatever method they are using.

That way, we get a set of unveil that actually gets tested by
actual users.

Re: [PATCH] Firefox - Fix Japanese input by expanding unveiled directories

Theo de Raadt-2
In reply to this post by Bryan Linton
Another approach would be to unify all the input method pathnames, so that
there is only one pathname.  That might require a lot of ports surgery,
I don't know how much.

But consider the benefit of such a plan.  If there is only one pathname,
containing only input mechanism, then it can be unveil'd by default.

Rather than using numerous unveil paths, it could use a total of 1 or 2.


Bryan Linton <[hidden email]> wrote:

> Hello ports@
>
> After upgrading to Firefox 71, I was no longer able to input
> Japanese due to the newly-added unveil and pledge support.  After
> some debugging, I found that adding the following lines to
> /etc/firefox/unveil.main allowed me to input Japanese as usual.
>
> ---------8<----------
> --- /usr/local/lib/firefox/browser/defaults/preferences/unveil.main Sat Dec 21 15:08:23 2019
> +++ /etc/firefox/unveil.main Fri Jan  3 12:25:53 2020
> @@ -3,6 +3,12 @@
>  /dev/video rw
>  /dev/video0 rw
>  
> +# for launching the anthy input method from uim
> +/etc/anthy-conf r
> +~/.anthy r
> +~/.tomoe r
> +~/.uim.d r
> +
>  /etc/fonts r
>  /etc/machine-id r
> ---------8<----------
>
> However, this raises some interesting questions.  How far down
> this path do we want to go?  The above patch enables the UIM+Anthy
> combination to work again, but what about SCIM+Anthy?  Ibus+Anthy?
> SCIM+Pinyin?  There are 26 ports in ports/inputmethods; do all of
> them get added to unveil.main?
>
> While I'm aware that adding every possible contingency to unveil
> largely defeats its purpose, I'm also concerned that the
> alternative would be users simply disabling pledge+unveil
> entirely if they find that they can no longer input CJK text.
>
> Which then brings us full circle to the security model of unveil
> being defeated...
>
> That being the case, perhaps adding a short blurb like the
> following to Firefox's pkg-readme would be a better way to go.
>
> ---------8<----------
> --- README Sat Jan  4 11:22:21 2020
> +++ README.new Sat Jan  4 11:25:11 2020
> @@ -28,6 +28,23 @@
>  Each file can be overridden by copying it to ${SYSCONFDIR}/firefox/
>  and modifying it.
>  
> +CJK IMEs
> +========
> +Due to unveil(2) limiting filesystem access, CJK IMEs will not
> +work with the default unveil permissions.  To enable the use of
> +CJK IMEs, one must first identify which files in /etc and /home
> +that the IME uses, and then add them to unveil.main by following
> +the instructions in the above section.
> +
> +For example, the UIM+Anthy combination needs the following lines
> +added to unveil.main:
> +
> + # for launching the anthy input method from uim
> + /etc/anthy-conf r
> + ~/.anthy r
> + ~/.tomoe r
> + ~/.uim.d r
> +
>  3rd-Party MIME Handlers
>  =======================
>  Due to unveil(2) limiting filesystem access, only the default MIME
> ---------8<----------
>
> This would give users a hint of where and what to look for if they
> find their IME no longer working, but would avoid going down the
> rabbit hole of adding dozens upon dozens of exceptions to unveil.
>
> Either way, I'm definitely grateful for all the work the
> developers have put in to get pledge+unveil support added to
> mainline Firefox.
>
> Thank you for all the hard work!
>
> --
> Bryan
>