1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 22:37:35 +00:00

LibCore+LaunchServer: Move portal directory to /tmp/user/%uid

The `/tmp/user` directory is owned by root, this solution prevents
malicious users to interfere with other users' portals.

This commit also moves `launch`'s portal in the user directory.
This commit is contained in:
Lucas CHOLLET 2022-08-07 18:10:26 +02:00 committed by Linus Groh
parent f0012c2162
commit c5b7c9f479
17 changed files with 25 additions and 20 deletions

View file

@ -142,6 +142,15 @@ bool Account::authenticate(SecretString const& password) const
bool Account::login() const
{
auto const temporary_directory = String::formatted("/tmp/user/{}", m_uid);
if (auto result = Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::Yes); result.is_error()) {
dbgln("{}", result.release_error());
return false;
}
if (chown(temporary_directory.characters(), m_uid, m_gid) < 0)
return false;
if (setgroups(m_extra_gids.size(), m_extra_gids.data()) < 0)
return false;
@ -151,10 +160,6 @@ bool Account::login() const
if (setuid(m_uid) < 0)
return false;
auto const temporary_directory = String::formatted("/tmp/{}", m_uid);
if (auto result = Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::No); result.is_error())
dbgln("{}", result.release_error());
return true;
}