From f7e9fd076ddd53d1ac20a11890348572406e4832 Mon Sep 17 00:00:00 2001
From: Arjan Molenaar <gaphor@gmail.com>
Date: Thu, 30 Nov 2023 17:46:35 +0100
Subject: [PATCH] macos: Implement delegate method to silence secure-restore
 message

Fix process injection vulnerability on macOS.

See https://sector7.computest.nl/post/2022-08-process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability/.
---
 gtk/gtkapplication-quartz.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/gtk/gtkapplication-quartz.c b/gtk/gtkapplication-quartz.c
index efa88b4b5d..fbb82a99ad 100644
--- a/gtk/gtkapplication-quartz.c
+++ b/gtk/gtkapplication-quartz.c
@@ -68,6 +68,7 @@ G_DEFINE_TYPE (GtkApplicationImplQuartz, gtk_application_impl_quartz, GTK_TYPE_A
 - (id)initWithImpl:(GtkApplicationImplQuartz*)impl;
 - (NSApplicationTerminateReply) applicationShouldTerminate:(NSApplication *)sender;
 - (void)application:(NSApplication *)theApplication openFiles:(NSArray *)filenames;
+- (BOOL)applicationSupportsSecureRestorableState:(NSApplication *)app;
 @end
 
 @implementation GtkApplicationQuartzDelegate
@@ -123,6 +124,11 @@ G_DEFINE_TYPE (GtkApplicationImplQuartz, gtk_application_impl_quartz, GTK_TYPE_A
 
   [theApplication replyToOpenOrPrint:NSApplicationDelegateReplySuccess];
 }
+
+-(BOOL)applicationSupportsSecureRestorableState:(NSApplication *)app
+{
+  return YES;
+}
 @end
 
 /* these exist only for accel handling */