mirror of
https://github.com/RGBCube/serenity
synced 2025-05-31 07:08:10 +00:00
b968d44375
Some of these were using 660 permissions which meant that other users in the "users" group could connect to anon's service processes. Let's tighten things up by not allowing that. :^)
174 lines
2.8 KiB
INI
174 lines
2.8 KiB
INI
[RequestServer]
|
|
Socket=/tmp/portal/request
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
Priority=low
|
|
User=anon
|
|
BootModes=text,graphical,self-test
|
|
MultiInstance=1
|
|
AcceptSocketConnections=1
|
|
|
|
[WebContent]
|
|
Socket=/tmp/portal/webcontent
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
User=anon
|
|
BootModes=graphical
|
|
MultiInstance=1
|
|
AcceptSocketConnections=1
|
|
|
|
[ImageDecoder]
|
|
Socket=/tmp/portal/image
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
User=anon
|
|
BootModes=graphical
|
|
MultiInstance=1
|
|
AcceptSocketConnections=1
|
|
|
|
[WebSocket]
|
|
Socket=/tmp/portal/websocket
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
Priority=low
|
|
User=anon
|
|
BootModes=text,graphical,self-test
|
|
MultiInstance=1
|
|
AcceptSocketConnections=1
|
|
|
|
[LookupServer]
|
|
Socket=/tmp/portal/lookup
|
|
SocketPermissions=660
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=lookup
|
|
BootModes=text,graphical,self-test
|
|
|
|
[DHCPClient]
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=root
|
|
BootModes=text,graphical,self-test
|
|
|
|
[NotificationServer]
|
|
Socket=/tmp/portal/notify
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[LaunchServer]
|
|
Socket=/tmp/portal/launch
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
User=anon
|
|
BootModes=text,graphical
|
|
|
|
[WindowServer]
|
|
Socket=/tmp/portal/window,/tmp/portal/wm
|
|
SocketPermissions=660
|
|
Priority=high
|
|
KeepAlive=1
|
|
User=window
|
|
|
|
[InspectorServer]
|
|
Socket=/tmp/portal/inspector,/tmp/portal/inspectables
|
|
SocketPermissions=600,666
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[Clipboard]
|
|
Socket=/tmp/portal/clipboard
|
|
SocketPermissions=600
|
|
Priority=low
|
|
User=anon
|
|
|
|
[ResourceGraph.Applet]
|
|
Arguments=--cpu=CPUGraph,#00bb00 --memory=MemoryGraph,#00bbbb
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[Audio.Applet]
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[Network.Applet]
|
|
Arguments=--name=Network
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[ClipboardHistory.Applet]
|
|
Priority=low
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[AudioServer]
|
|
# TODO: It would be nice to make this lazy, but Audio.Applet connects to it immediately on startup anyway.
|
|
Socket=/tmp/portal/audio
|
|
Priority=high
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[Taskbar]
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[Desktop]
|
|
Executable=/bin/FileManager
|
|
Arguments=--desktop
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[Terminal]
|
|
User=anon
|
|
WorkingDirectory=/home/anon
|
|
|
|
[Shell@tty0]
|
|
Executable=/bin/Shell
|
|
StdIO=/dev/tty0
|
|
Environment=TERM=xterm
|
|
KeepAlive=1
|
|
BootModes=text
|
|
|
|
[Shell@tty1]
|
|
Executable=/bin/Shell
|
|
StdIO=/dev/tty1
|
|
Environment=TERM=xterm
|
|
KeepAlive=1
|
|
BootModes=text
|
|
|
|
[CppLanguageServer]
|
|
Socket=/tmp/portal/language/cpp
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
User=anon
|
|
MultiInstance=1
|
|
AcceptSocketConnections=1
|
|
|
|
[ShellLanguageServer]
|
|
Socket=/tmp/portal/language/shell
|
|
SocketPermissions=600
|
|
Lazy=1
|
|
User=anon
|
|
MultiInstance=1
|
|
AcceptSocketConnections=1
|
|
|
|
[CrashDaemon]
|
|
KeepAlive=1
|
|
User=anon
|
|
|
|
[KeyboardPreferenceLoader]
|
|
KeepAlive=0
|
|
User=anon
|
|
|
|
[TestRunner@ttyS0]
|
|
Executable=/home/anon/tests/run-tests-and-shutdown.sh
|
|
StdIO=/dev/ttyS0
|
|
Environment=DO_SHUTDOWN_AFTER_TESTS=1 TERM=xterm PATH=/bin:/usr/bin:/usr/local/bin TESTS_ONLY=1
|
|
User=anon
|
|
WorkingDirectory=/home/anon
|
|
BootModes=self-test
|