We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
ladybird
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Base: Add a "lookup" user+group that runs LookupServer

LookupServer now runs as lookup:lookup, allowing connections from other
members of the "lookup" group.

This is enforced through file system permissions by having the service
socket (/tmp/portal/lookup) be mode 0660.

Now the LookupServer program can't overwrite other people's files if it
starts misbehaving. That's pretty cool :^)
Andreas Kling 5 years ago
parent
7dd03b46ee
commit
f5d9f11e52
3 changed files with 4 additions and 1 deletions
Unified View Show Diff Stats
  1. 2 1
      Base/etc/SystemServer.ini
  2. 1 0
      Base/etc/group
  3. 1 0
      Base/etc/passwd

+ 2 - 1
Base/etc/SystemServer.ini
View File 

@@ -13,10 +13,11 @@ User=anon
 
 
 
 [LookupServer]
 
 [LookupServer]
 
 Socket=/tmp/portal/lookup
 
 Socket=/tmp/portal/lookup
 
+SocketPermissions=660
 
 Lazy=1
 
 Lazy=1
 
 Priority=low
 
 Priority=low
 
 KeepAlive=1
 
 KeepAlive=1
 
-User=anon
 
+User=lookup
 
 
 
 [WindowServer]
 
 [WindowServer]
 
 Socket=/tmp/portal/window
 
 Socket=/tmp/portal/window

+ 1 - 0
Base/etc/group
View File 

@@ -3,4 +3,5 @@ wheel:x:1:anon
 
 tty:x:2:
 
 tty:x:2:
 
 phys:x:3:anon
 
 phys:x:3:anon
 
 audio:x:4:anon
 
 audio:x:4:anon
 
+lookup:x:10:anon
 
 users:x:100:anon
 
 users:x:100:anon

+ 1 - 0
Base/etc/passwd
View File 

@@ -1,3 +1,4 @@
 
 root:x:0:0:root:/:/bin/sh
 
 root:x:0:0:root:/:/bin/sh
 
+lookup:x:10:10:LookupServer,,,:/:/bin/false
 
 anon:x:100:100:Anonymous,,,:/home/anon:/bin/sh
 
 anon:x:100:100:Anonymous,,,:/home/anon:/bin/sh
 
 nona:x:200:200:Nona,,,:/home/nona:/bin/sh
 
 nona:x:200:200:Nona,,,:/home/nona:/bin/sh

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5