Base: Make anon's helper services run with 600 socket permissions

Some of these were using 660 permissions which meant that other users
in the "users" group could connect to anon's service processes.

Let's tighten things up by not allowing that. :^)

1 files changed, 7 insertions, 7 deletions

diff --git a/Base/etc/SystemServer.ini b/Base/etc/SystemServer.ini
index c062518617..163acb4572 100644
--- a/Base/etc/SystemServer.ini
+++ b/Base/etc/SystemServer.ini
@@ -1,6 +1,6 @@
 [RequestServer]
 Socket=/tmp/portal/request
-SocketPermissions=660
+SocketPermissions=600
 Lazy=1
 Priority=low
 User=anon
@@ -10,7 +10,7 @@ AcceptSocketConnections=1
 
 [WebContent]
 Socket=/tmp/portal/webcontent
-SocketPermissions=660
+SocketPermissions=600
 Lazy=1
 User=anon
 BootModes=graphical
@@ -19,7 +19,7 @@ AcceptSocketConnections=1
 
 [ImageDecoder]
 Socket=/tmp/portal/image
-SocketPermissions=660
+SocketPermissions=600
 Lazy=1
 User=anon
 BootModes=graphical
@@ -28,7 +28,7 @@ AcceptSocketConnections=1
 
 [WebSocket]
 Socket=/tmp/portal/websocket
-SocketPermissions=660
+SocketPermissions=600
 Lazy=1
 Priority=low
 User=anon
@@ -80,7 +80,7 @@ User=anon
 
 [Clipboard]
 Socket=/tmp/portal/clipboard
-SocketPermissions=660
+SocketPermissions=600
 Priority=low
 User=anon
 
@@ -143,7 +143,7 @@ BootModes=text
 
 [CppLanguageServer]
 Socket=/tmp/portal/language/cpp
-SocketPermissions=660
+SocketPermissions=600
 Lazy=1
 User=anon
 MultiInstance=1
@@ -151,7 +151,7 @@ AcceptSocketConnections=1
 
 [ShellLanguageServer]
 Socket=/tmp/portal/language/shell
-SocketPermissions=660
+SocketPermissions=600
 Lazy=1
 User=anon
 MultiInstance=1