RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 20:37:35 +00:00
Code Issues Activity Actions

SystemServer: Make service sockets owned by the configured user

Browse source 
Also make the sockets readable and writable only by that user.

This fixes a bug where anyone could connect to anyone else's services,
most obviously WindowServer.
This commit is contained in:
Andreas Kling 2020-01-03 20:16:49 +01:00
parent d84299c7be
commit 15b57488d9
1 changed files with 14 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

18
Servers/SystemServer/Service.cpp
View file

@ -86,6 +86,16 @@ void Service::setup_socket()
ASSERT_NOT_REACHED(); ASSERT_NOT_REACHED();
} }
if (fchown(m_socket_fd, m_uid, m_gid) < 0) {
perror("fchown");
ASSERT_NOT_REACHED();
}
if (fchmod(m_socket_fd, 0600) < 0) {
perror("fchmod");
ASSERT_NOT_REACHED();
}
auto socket_address = CSocketAddress::local(m_socket_path); auto socket_address = CSocketAddress::local(m_socket_path);
auto un = socket_address.to_sockaddr_un(); auto un = socket_address.to_sockaddr_un();
int rc = bind(m_socket_fd, (const sockaddr*)&un, sizeof(un)); int rc = bind(m_socket_fd, (const sockaddr*)&un, sizeof(un));
@ -225,14 +235,14 @@ Service::Service(const CConfigFile& config, const StringView& name)
m_keep_alive = config.read_bool_entry(name, "KeepAlive"); m_keep_alive = config.read_bool_entry(name, "KeepAlive");
m_lazy = config.read_bool_entry(name, "Lazy"); m_lazy = config.read_bool_entry(name, "Lazy");
m_user = config.read_entry(name, "User");
if (!m_user.is_null())
resolve_user();
m_socket_path = config.read_entry(name, "Socket"); m_socket_path = config.read_entry(name, "Socket");
if (!m_socket_path.is_null()) { if (!m_socket_path.is_null()) {
setup_socket(); setup_socket();
} }
m_user = config.read_entry(name, "User");
if (!m_user.is_null())
resolve_user();
} }
void Service::save_to(JsonObject& json) void Service::save_to(JsonObject& json)