Another approach would be to unify all the input method pathnames, so that there is only one pathname. That might require a lot of ports surgery, I don't know how much.
But consider the benefit of such a plan. If there is only one pathname, containing only input mechanism, then it can be unveil'd by default. Rather than using numerous unveil paths, it could use a total of 1 or 2.

Bryan Linton <b...@shoshoni.info> wrote:

> Hello ports@
>
> After upgrading to Firefox 71, I was no longer able to input
> Japanese due to the newly-added unveil and pledge support. After
> some debugging, I found that adding the following lines to
> /etc/firefox/unveil.main allowed me to input Japanese as usual.
>
> ---------8<---------- > --- /usr/local/lib/firefox/browser/defaults/preferences/unveil.main Sat Dec > 21 15:08:23 2019 > +++ /etc/firefox/unveil.main Fri Jan 3 12:25:53 2020 > @@ -3,6 +3,12 @@ > /dev/video rw > /dev/video0 rw > > +# for launching the anthy input method from uim > +/etc/anthy-conf r > +~/.anthy r > +~/.tomoe r > +~/.uim.d r > + > /etc/fonts r > /etc/machine-id r > ---------8<----------
>
> However, this raises some interesting questions. How far down
> this path do we want to go? The above patch enables the UIM+Anthy
> combination to work again, but what about SCIM+Anthy? Ibus+Anthy?
> SCIM+Pinyin? There are 26 ports in ports/inputmethods; do all of
> them get added to unveil.main?
>
> While I'm aware that adding every possible contingency to unveil
> largely defeats its purpose, I'm also concerned that the
> alternative would be users simply disabling pledge+unveil
> entirely if they find that they can no longer input CJK text.
>
> Which then brings us full circle to the security model of unveil
> being defeated...
>
> That being the case, perhaps adding a short blurb like the
> following to Firefox's pkg-readme would be a better way to go.
>
> ---------8<---------- > --- README Sat Jan 4 11:22:21 2020 > +++ README.new Sat Jan 4 11:25:11 2020 
> @@ -28,6 +28,23 @@ > Each file can be overridden by copying it to ${SYSCONFDIR}/firefox/ > and modifying it. > > +CJK IMEs > +======== > +Due to unveil(2) limiting filesystem access, CJK IMEs will not > +work with the default unveil permissions. To enable the use of > +CJK IMEs, one must first identify which files in /etc and /home > +that the IME uses, and then add them to unveil.main by following > +the instructions in the above section. > + > +For example, the UIM+Anthy combination needs the following lines > +added to unveil.main: > + > + # for launching the anthy input method from uim > + /etc/anthy-conf r > + ~/.anthy r > + ~/.tomoe r > + ~/.uim.d r > + > 3rd-Party MIME Handlers > ======================= > Due to unveil(2) limiting filesystem access, only the default MIME > ---------8<----------
>
> This would give users a hint of where and what to look for if they
> find their IME no longer working, but would avoid going down the
> rabbit hole of adding dozens upon dozens of exceptions to unveil.
>
> Either way, I'm definitely grateful for all the work the
> developers have put in to get pledge+unveil support added to
> mainline Firefox.
>
> Thank you for all the hard work!
>
> --
> Bryan
>
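
Review bot: In the unveil.main hunk (@@ -3,6 +3,12 @@), the four added entries sit under one comment that names only uim and anthy, so the file does not say which component needs ~/.tomoe or whether all four paths are required for input to work. Since each extra path widens what Firefox can read, annotate every entry with what it is for (for example a short comment above /etc/anthy-conf) and drop any that turn out to be unnecessary. The "---" header line is also wrapped after "Sat Dec" and would need rejoining before the diff applies.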
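
Review bot: In the added "CJK IMEs" README section (@@ -28,6 +28,23 @@), the sentence "one must first identify which files in /etc and /home that the IME uses" tells the user to find the files but not how, while the cover text says the paths were only found "after some debugging". Add a sentence naming the method used to find the paths, drop the stray "that", and write the home directory as ~ to match the example entries. It would also help to say that entries should be granted r only, as in the example, so readers do not reach for broader permissions than the IME needs.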