From 3dc1787306c2708d1b47761c601ec2c022e123cb Mon Sep 17 00:00:00 2001 From: Andreas Kling Date: Sun, 6 Jun 2021 16:11:06 +0200 Subject: [PATCH] NotificationServer: Remove unnecessary UID separation This process is already sandboxed to the point where the UID doesn't matter, so let's just stop having the separate "notify" user. --- Base/etc/SystemServer.ini | 4 ++-- Base/etc/group | 5 ++--- Base/etc/passwd | 1 - Base/etc/shadow | 1 - 4 files changed, 4 insertions(+), 7 deletions(-) diff --git a/Base/etc/SystemServer.ini b/Base/etc/SystemServer.ini index bae775f3fc..fb2c6aab29 100644 --- a/Base/etc/SystemServer.ini +++ b/Base/etc/SystemServer.ini @@ -52,11 +52,11 @@ BootModes=text,graphical,self-test [NotificationServer] Socket=/tmp/portal/notify -SocketPermissions=660 +SocketPermissions=600 Lazy=1 Priority=low KeepAlive=1 -User=notify +User=anon [LaunchServer] Socket=/tmp/portal/launch diff --git a/Base/etc/group b/Base/etc/group index d3a423bfbb..e27697f9b7 100644 --- a/Base/etc/group +++ b/Base/etc/group @@ -5,7 +5,6 @@ phys:x:3:window,anon audio:x:4:anon utmp:x:5: lookup:x:10:anon -notify:x:12:anon -window:x:13:anon,notify -clipboard:x:14:anon,notify +window:x:13:anon +clipboard:x:14:anon users:x:100:anon diff --git a/Base/etc/passwd b/Base/etc/passwd index 6033717d22..cf689bcc9c 100644 --- a/Base/etc/passwd +++ b/Base/etc/passwd @@ -1,6 +1,5 @@ root::0:0:root:/root:/bin/sh lookup:!:10:10:LookupServer,,,:/:/bin/false -notify:!:12:12:NotificationServer,,,:/:/bin/false window:!:13:13:WindowServer,,,:/:/bin/false clipboard:!:14:14:Clipboard,,,:/:/bin/false sshd:!:19:19:OpenSSH privsep,,,:/:/bin/false diff --git a/Base/etc/shadow b/Base/etc/shadow index 4a2bccece0..9dca754c2f 100644 --- a/Base/etc/shadow +++ b/Base/etc/shadow @@ -1,6 +1,5 @@ root::18727:::::: lookup:!*:18727:::::: -notify:!*:18727:::::: window:!*:18727:::::: clipboard:!*:18727:::::: sshd:!*:18727::::::