From 05a2a0c4925a7921c78309bc6d8e56e94ea6c4f0 Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Tue, 21 Jan 2020 10:46:42 +0100
Subject: [PATCH] WindowServer: unveil("/bin", "x") so we can start
 applications

Without this, we can't start programs via the system menu. This begs
the question: should WindowServer really be allowed to fork and exec
in the first place?
---
 Servers/WindowServer/main.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Servers/WindowServer/main.cpp b/Servers/WindowServer/main.cpp
index 48323e39ff..8f142fe8c1 100644
--- a/Servers/WindowServer/main.cpp
+++ b/Servers/WindowServer/main.cpp
@@ -110,6 +110,11 @@ int main(int, char**)
         return 1;
     }
 
+    if (unveil("/bin", "x") < 0) {
+        perror("unveil");
+        return 1;
+    }
+
     if (unveil(nullptr, nullptr) < 0) {
         perror("unveil");
         return 1;