SystemServer: Make service sockets owned by the configured user

Also make the sockets readable and writable only by that user.

This fixes a bug where anyone could connect to anyone else's services,
most obviously WindowServer.

1 files changed, 14 insertions, 4 deletions

diff --git a/Servers/SystemServer/Service.cpp b/Servers/SystemServer/Service.cpp
index cc17353638..f15a277325 100644
--- a/Servers/SystemServer/Service.cpp
+++ b/Servers/SystemServer/Service.cpp
@@ -86,6 +86,16 @@ void Service::setup_socket()
         ASSERT_NOT_REACHED();
     }
 
+    if (fchown(m_socket_fd, m_uid, m_gid) < 0) {
+        perror("fchown");
+        ASSERT_NOT_REACHED();
+    }
+
+    if (fchmod(m_socket_fd, 0600) < 0) {
+        perror("fchmod");
+        ASSERT_NOT_REACHED();
+    }
+
     auto socket_address = CSocketAddress::local(m_socket_path);
     auto un = socket_address.to_sockaddr_un();
     int rc = bind(m_socket_fd, (const sockaddr*)&un, sizeof(un));
@@ -225,14 +235,14 @@ Service::Service(const CConfigFile& config, const StringView& name)
     m_keep_alive = config.read_bool_entry(name, "KeepAlive");
     m_lazy = config.read_bool_entry(name, "Lazy");
 
+    m_user = config.read_entry(name, "User");
+    if (!m_user.is_null())
+        resolve_user();
+
     m_socket_path = config.read_entry(name, "Socket");
     if (!m_socket_path.is_null()) {
         setup_socket();
     }
-
-    m_user = config.read_entry(name, "User");
-    if (!m_user.is_null())
-        resolve_user();
 }
 
 void Service::save_to(JsonObject& json)