SystemServer: Allow specifying per-service socket file permissions

Servers/SystemServer/Service.cpp

@@ -104,7 +104,7 @@ void Service::setup_socket()
         ASSERT_NOT_REACHED();
     }
 
-    if (fchmod(m_socket_fd, 0600) < 0) {
+    if (fchmod(m_socket_fd, m_socket_permissions) < 0) {
         perror("fchmod");
         ASSERT_NOT_REACHED();
     }
@@ -270,6 +270,8 @@ Service::Service(const CConfigFile& config, const StringView& name)
 
     m_socket_path = config.read_entry(name, "Socket");
     if (!m_socket_path.is_null()) {
+        auto socket_permissions_string = config.read_entry(name, "SocketPermissions", "0600");
+        m_socket_permissions = strtol(socket_permissions_string.characters(), nullptr, 8) & 04777;
         setup_socket();
     }
 }

Servers/SystemServer/Service.h

@@ -38,6 +38,8 @@ private:
     bool m_keep_alive { false };
     // Path to the socket to create and listen on on behalf of this service.
     String m_socket_path;
+    // File system permissions for the socket.
+    mode_t m_socket_permissions { 0 };
     // Whether we should only spawn this service once somebody connects to the socket.
     bool m_lazy;
     // The name of the user we should run this service as.