mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 19:37:35 +00:00
SystemServer: Create accounts with Account::Read::PasswdOnly
This prevents non-root instances of SystemServer to try to open `/etc/shadow`.
This commit is contained in:
parent
a3b8a9a142
commit
f0012c2162
1 changed files with 2 additions and 2 deletions
|
@ -299,7 +299,7 @@ Service::Service(Core::ConfigFile const& config, StringView name)
|
|||
|
||||
m_user = config.read_entry(name, "User");
|
||||
if (!m_user.is_null()) {
|
||||
auto result = Core::Account::from_name(m_user.characters());
|
||||
auto result = Core::Account::from_name(m_user.characters(), Core::Account::Read::PasswdOnly);
|
||||
if (result.is_error())
|
||||
warnln("Failed to resolve user {}: {}", m_user, result.error());
|
||||
else
|
||||
|
@ -417,7 +417,7 @@ ErrorOr<void> Service::determine_account(int fd)
|
|||
auto const directory_name = String::formatted("/proc/{}/", creds.pid);
|
||||
auto const stat = TRY(Core::System::stat(directory_name));
|
||||
|
||||
m_account = TRY(Core::Account::from_uid(stat.st_uid));
|
||||
m_account = TRY(Core::Account::from_uid(stat.st_uid, Core::Account::Read::PasswdOnly));
|
||||
return {};
|
||||
}
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue