SpiceAgent: Don't pledge cpath or open SPICE_DEVICE as rwc

Core::File's new `DontCreate` open mode removes the need for these
capabilities on SpiceAgent. We shouldn't have to create this file,
as if it doesn't exist, QEMU never initiated a spice connection!

Userland/Services/SpiceAgent/SpiceAgent.cpp

@@ -15,7 +15,7 @@ namespace SpiceAgent {
 
 ErrorOr<NonnullOwnPtr<SpiceAgent>> SpiceAgent::create(StringView device_path)
 {
-    auto device = TRY(Core::File::open(device_path, Core::File::OpenMode::ReadWrite | Core::File::OpenMode::Nonblocking));
+    auto device = TRY(Core::File::open(device_path, Core::File::OpenMode::ReadWrite | Core::File::OpenMode::DontCreate | Core::File::OpenMode::Nonblocking));
     return try_make<SpiceAgent>(move(device), Vector { Capability::ClipboardByDemand });
 }
 

Userland/Services/SpiceAgent/main.cpp

@@ -26,11 +26,8 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
     TRY(Desktop::Launcher::add_allowed_url(URL::create_with_file_scheme(Core::StandardPaths::downloads_directory())));
     TRY(Desktop::Launcher::seal_allowlist());
 
-    // FIXME: Make Core::File support reading and writing, but without creating:
-    //        By default, Core::File opens the file descriptor with O_CREAT when using OpenMode::Write (and subsequently, OpenMode::ReadWrite).
-    //        To minimise confusion for people that have already used Core::File, we can probably just do `OpenMode::ReadWrite | OpenMode::DontCreate`.
-    TRY(Core::System::pledge("unix rpath wpath stdio sendfd recvfd cpath"));
-    TRY(Core::System::unveil(SPICE_DEVICE, "rwc"sv));
+    TRY(Core::System::pledge("unix rpath wpath stdio sendfd recvfd"));
+    TRY(Core::System::unveil(SPICE_DEVICE, "rw"sv));
     TRY(Core::System::unveil(Core::StandardPaths::downloads_directory(), "rwc"sv));
     TRY(Core::System::unveil(nullptr, nullptr));