mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 16:07:46 +00:00
LibCore+LaunchServer: Move portal directory to /tmp/user/%uid
The `/tmp/user` directory is owned by root, this solution prevents malicious users to interfere with other users' portals. This commit also moves `launch`'s portal in the user directory.
This commit is contained in:
parent
f0012c2162
commit
c5b7c9f479
17 changed files with 25 additions and 20 deletions
|
@ -142,6 +142,15 @@ bool Account::authenticate(SecretString const& password) const
|
|||
|
||||
bool Account::login() const
|
||||
{
|
||||
auto const temporary_directory = String::formatted("/tmp/user/{}", m_uid);
|
||||
if (auto result = Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::Yes); result.is_error()) {
|
||||
dbgln("{}", result.release_error());
|
||||
return false;
|
||||
}
|
||||
|
||||
if (chown(temporary_directory.characters(), m_uid, m_gid) < 0)
|
||||
return false;
|
||||
|
||||
if (setgroups(m_extra_gids.size(), m_extra_gids.data()) < 0)
|
||||
return false;
|
||||
|
||||
|
@ -151,10 +160,6 @@ bool Account::login() const
|
|||
if (setuid(m_uid) < 0)
|
||||
return false;
|
||||
|
||||
auto const temporary_directory = String::formatted("/tmp/{}", m_uid);
|
||||
if (auto result = Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::No); result.is_error())
|
||||
dbgln("{}", result.release_error());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue