author | Andreas Kling <kling@serenityos.org> | 2020-01-20 22:23:18 +0100 |
---|---|---|
committer | Andreas Kling <kling@serenityos.org> | 2020-01-20 22:23:18 +0100 |
commit | 17e5fc301be1d30cb18e2f0b22ada84485ecd1c3 (patch) | |
tree | acb25903fce73c2828a0eaa7e418d43b44165b2a | |
parent | cec0268ffab8a2e9d9b5b2ad742310d629f2fe60 (diff) | |
WindowServer: Use unveil()
WindowServer needs persistent access to a few things:
- /res (for themes, fonts, cursors, apps, wallpapers, etc.)
- /etc/passwd (for username lookup, not sure this is actually needed..)
- /home/anon/WindowManager.ini (FIXME: this should not be hard-coded..)
These things are unveiled temporarily, and then dropped:
- /tmp (for setting up sockets)
- /dev (for opening input and framebuffer devices)
This leaves WindowServer running with a very limited view of the file
system, how neat is that!
-rw-r--r-- | Servers/WindowServer/main.cpp | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/Servers/WindowServer/main.cpp b/Servers/WindowServer/main.cpp
index 34e95df599..48323e39ff 100644
--- a/Servers/WindowServer/main.cpp
+++ b/Servers/WindowServer/main.cpp
@@ -41,6 +41,34 @@ int main(int, char**)
 return 1;
 }

+ if (unveil("/res", "r") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
+ if (unveil("/etc/passwd", "r") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
+ if (unveil("/tmp", "cw") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
+ // FIXME: WindowServer should obviously not hardcode this.
+ // Instead, we should have a ConfigServer or similar that allows programs
+ // to get/set user settings over IPC without giving them access to any files.
+ if (unveil("/home/anon/WindowManager.ini", "rwc") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
+ if (unveil("/dev", "rw") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
 struct sigaction act;
 memset(&act, 0, sizeof(act));
 act.sa_flags = SA_NOCLDWAIT;
@@ -72,6 +100,21 @@ int main(int, char**)
 auto wm = WSWindowManager::construct(*palette);
 auto mm = WSMenuManager::construct();

+ if (unveil("/tmp", "") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
+ if (unveil("/dev", "") < 0) {
+ perror("unveil");
+ return 1;
+ }
+
+ if (unveil(nullptr, nullptr) < 0) {
+ perror("unveil");
+ return 1;
+ }
+
 dbgprintf("Entering WindowServer main loop.\n");
 loop.exec();
 ASSERT_NOT_REACHED(); |
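Review bot: Every failure path added in this hunk prints the same `perror("unveil");`, so a startup failure does not say which of the five paths was rejected; the three calls in the second hunk have the same problem. Naming the path in the message, for example `perror("unveil /home/anon/WindowManager.ini");`, would make the error actionable. This matters most for the WindowManager.ini call: if unveil() fails on a path that does not exist yet (worth confirming against the kernel implementation), WindowServer exits before drawing anything and the log gives no hint why. main() starts and ends outside the hunk.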
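Review bot: The re-veil of /tmp and /dev followed by `unveil(nullptr, nullptr)` carries no comment stating the invariant it creates, which is that every socket and device the server will ever need must already be open when this point is reached. I would add above the first call `// Sockets and devices are open by now; drop /tmp and /dev, then lock the unveil state so no path can be added later.` Descriptors opened earlier presumably stay usable because unveil is applied at path lookup, but any code that lazily opens something under /tmp or /dev from the main loop would start failing after this block, so that is worth verifying before relying on it. main() continues outside the hunk.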