authorAndreas Kling <kling@serenityos.org>2020-02-16 19:26:31 +0100
committerAndreas Kling <kling@serenityos.org>2020-02-16 21:58:17 +0100
commit9794e18a20e026f0a377c8bc90fe5eb9909dae8b (patch)
treec1ebbee7a1af6a4be2fea72ccaac359898a078ab
parent0415db30c6aaec0618b5f93a1692c6f5c38e3e5f (diff)
Base: Run WindowServer as a separate "window" user
This was actually rather painless and straightforward. WindowServer now runs as the "window" user. Users in the "window" group can connect to it via the socket in /tmp/portal/window as usual.
-rw-r--r--Base/etc/SystemServer.ini3
-rw-r--r--Base/etc/group3
-rw-r--r--Base/etc/passwd1
-rwxr-xr-xKernel/build-root-filesystem.sh6
4 files changed, 11 insertions, 2 deletions
diff --git a/Base/etc/SystemServer.ini b/Base/etc/SystemServer.ini
index 1dcfe862a8..f5fd678a3a 100644
--- a/Base/etc/SystemServer.ini
+++ b/Base/etc/SystemServer.ini
@@ -22,9 +22,10 @@ User=lookup
[WindowServer]
Socket=/tmp/portal/window
+SocketPermissions=660
Priority=high
KeepAlive=1
-User=anon
+User=window
[Clock.MenuApplet]
KeepAlive=1
diff --git a/Base/etc/group b/Base/etc/group
index e41861da50..847883e3da 100644
--- a/Base/etc/group
+++ b/Base/etc/group
@@ -1,8 +1,9 @@
root:x:0:
wheel:x:1:anon
tty:x:2:
-phys:x:3:anon
+phys:x:3:window
audio:x:4:anon
lookup:x:10:protocol,anon
protocol:x:11:anon
+window:x:13:anon
users:x:100:anon
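Review bot: The new `window:x:13:anon` line lists only anon, while Base/etc/passwd in this same commit also defines the login account nona with `/bin/sh` as its shell. With `SocketPermissions=660` on /tmp/portal/window, an account outside the window group presumably cannot connect to WindowServer at all, so a nona session would have no GUI. If that is intended, it is worth saying so in the commit message; if not, the line would be `window:x:13:anon,nona`. Moving phys from anon to window in the same hunk is consistent with the server, not the desktop user, holding that group.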
diff --git a/Base/etc/passwd b/Base/etc/passwd
index e23a6d09d3..78f60742f2 100644
--- a/Base/etc/passwd
+++ b/Base/etc/passwd
@@ -1,5 +1,6 @@
root:x:0:0:root:/:/bin/sh
lookup:x:10:10:LookupServer,,,:/:/bin/false
protocol:x:11:11:ProtocolServer,,,:/:/bin/false
+window:x:13:13:WindowServer,,,:/:/bin/false
anon:x:100:100:Anonymous,,,:/home/anon:/bin/sh
nona:x:200:200:Nona,,,:/home/nona:/bin/sh
diff --git a/Kernel/build-root-filesystem.sh b/Kernel/build-root-filesystem.sh
index 837b8d04d9..31daa843a6 100755
--- a/Kernel/build-root-filesystem.sh
+++ b/Kernel/build-root-filesystem.sh
@@ -6,6 +6,8 @@ wheel_gid=1
tty_gid=2
phys_gid=3
audio_gid=4
+window_uid=13
+window_gid=13
die() {
echo "die: $*"
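Review bot: `window_uid=13` and `window_gid=13` repeat the IDs declared in Base/etc/passwd and Base/etc/group with nothing tying them together, so a later edit to either file would leave the chown further down assigning WindowServer.ini to the wrong owner. A comment above the two assignments, such as `# Keep in sync with the "window" entries in Base/etc/passwd and Base/etc/group`, would make the coupling visible. The die() definition that follows continues outside this hunk.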
@@ -83,6 +85,10 @@ cp -R ../Base/* mnt/
cp -R ../Root/* mnt/
cp kernel.map mnt/res/
chmod 400 mnt/res/kernel.map
+
+chmod 660 mnt/etc/WindowServer/WindowServer.ini
+chown $window_uid:$window_gid mnt/etc/WindowServer/WindowServer.ini
+
echo "done"
printf "installing users... "
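Review bot: `chmod 660` combined with `chown $window_uid:$window_gid` makes mnt/etc/WindowServer/WindowServer.ini writable by the window group, and Base/etc/group in this commit puts anon in that group, so every account allowed to connect to the socket can also rewrite the server's configuration. If only WindowServer itself needs to write the file, `chmod 600 mnt/etc/WindowServer/WindowServer.ini` (or 640 if clients must read it) is the tighter setting; if group write is deliberate, a comment naming the client that writes it would help. Neither command's result is checked in the visible lines, so unless the script already runs under `set -e`, `chown "$window_uid:$window_gid" mnt/etc/WindowServer/WindowServer.ini || die "couldn't chown WindowServer.ini"` would keep a failed ownership change from passing silently.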