From 5f38f5500e082f1afa2ddae14409f16815b49198 Mon Sep 17 00:00:00 2001
From: Gunnar Beutner
Date: Sat, 22 Oct 2022 19:52:53 +0200
Subject: [PATCH] SystemServer: Fix race condition in Service::determine_account()

In theory our peer process could die between the call to getsockopt() and Core::system::stat() and another process could end up with the same PID which would result in us incorrectly launching the service as another user (e.g. root).
---
 Userland/Services/SystemServer/Service.cpp | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/Userland/Services/SystemServer/Service.cpp b/Userland/Services/SystemServer/Service.cpp
index f82e29428e..20bcb83a2c 100644
--- a/Userland/Services/SystemServer/Service.cpp
+++ b/Userland/Services/SystemServer/Service.cpp
@@ -419,10 +419,7 @@ ErrorOr Service::determine_account(int fd)
 socklen_t creds_size = sizeof(creds);
 TRY(Core::System::getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &creds, &creds_size));
- auto const directory_name = String::formatted("/proc/{}/", creds.pid);
- auto const stat = TRY(Core::System::stat(directory_name));
-
- m_account = TRY(Core::Account::from_uid(stat.st_uid, Core::Account::Read::PasswdOnly));
+ m_account = TRY(Core::Account::from_uid(creds.uid, Core::Account::Read::PasswdOnly));
 return {};
 }
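Review bot: The added `from_uid(creds.uid, ...)` line trusts `creds.uid` without comparing the `creds_size` that getsockopt() wrote back against `sizeof(creds)`. The declaration of `creds` sits above the hunk, so its initial value is not visible here; if it is zero-initialised, a short write could leave `uid` at 0 and the lookup would resolve to root. A guard before the lookup, such as `if (creds_size != sizeof(creds)) return Error::from_errno(EINVAL);`, would make that case fail closed. The line would also benefit from a comment recording why the UID comes from the socket, for example `// Take the UID straight from SO_PEERCRED; resolving creds.pid through /proc races with PID reuse.`, so a later refactor does not bring the PID lookup back.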