authorAndreas Kling <awesomekling@gmail.com>2020-01-09 21:36:17 +0100
committerAndreas Kling <awesomekling@gmail.com>2020-01-09 21:36:17 +0100
commitf5d9f11e52a79a14b16a018d7782012e2cc710b1 (patch)
tree6b534f2a51fb57bb5b506121c9dcfbe62e0b013c
parent7dd03b46ee8d134eb60c773700c3a558e757cd9a (diff)
Base: Add a "lookup" user+group that runs LookupServer
LookupServer now runs as lookup:lookup, allowing connections from other members of the "lookup" group. This is enforced through file system permissions by having the service socket (/tmp/portal/lookup) be mode 0660. Now the LookupServer program can't overwrite other people's files if it starts misbehaving. That's pretty cool :^)
-rw-r--r--Base/etc/SystemServer.ini3
-rw-r--r--Base/etc/group1
-rw-r--r--Base/etc/passwd1
3 files changed, 4 insertions, 1 deletions
diff --git a/Base/etc/SystemServer.ini b/Base/etc/SystemServer.ini
index d112f3e8d1..c31b61f1c0 100644
--- a/Base/etc/SystemServer.ini
+++ b/Base/etc/SystemServer.ini
@@ -13,10 +13,11 @@ User=anon
[LookupServer]
Socket=/tmp/portal/lookup
+SocketPermissions=660
Lazy=1
Priority=low
KeepAlive=1
-User=anon
+User=lookup
[WindowServer]
Socket=/tmp/portal/window
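Review bot: `SocketPermissions=660` is written without a leading zero while the commit message describes mode 0660, so the socket only ends up rw-rw---- if SystemServer parses this key as octal. That parser is not visible here and is worth confirming, since decimal 660 would set unrelated mode bits. The restriction also depends on the socket being created with group `lookup` and on `/tmp/portal` not being writable by other users, so that nothing else can occupy the path before SystemServer binds it; neither is shown in this hunk. If the config format accepts comment lines, one above the key such as `; octal mode: owner+group rw, connections limited to members of group lookup` would record the intent.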
diff --git a/Base/etc/group b/Base/etc/group
index e1bd20f29a..840a9dae5c 100644
--- a/Base/etc/group
+++ b/Base/etc/group
@@ -3,4 +3,5 @@ wheel:x:1:anon
tty:x:2:
phys:x:3:anon
audio:x:4:anon
+lookup:x:10:anon
users:x:100:anon
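Review bot: The added line `lookup:x:10:anon` makes `anon` a member of the new group, so every process running as anon can still connect to the lookup socket. The 0660 mode therefore only excludes accounts outside the group, such as `nona` from Base/etc/passwd. If that is the intended policy it is worth stating in the commit description, because any service that later runs under its own user and needs name resolution will have to be added to this member list explicitly. It would also help to check that no existing non-anon service depends on LookupServer, since it would lose access with this change.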
diff --git a/Base/etc/passwd b/Base/etc/passwd
index 987589b5e8..159f969ede 100644
--- a/Base/etc/passwd
+++ b/Base/etc/passwd
@@ -1,3 +1,4 @@
root:x:0:0:root:/:/bin/sh
+lookup:x:10:10:LookupServer,,,:/:/bin/false
anon:x:100:100:Anonymous,,,:/home/anon:/bin/sh
nona:x:200:200:Nona,,,:/home/nona:/bin/sh
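Review bot: The new `lookup` account uses `/` as its home directory and relies on the `/bin/false` shell field as the only barrier to an interactive session. It is worth confirming that `/bin/false` exists in the base image and that the login paths on this system honor the shell field. Note also that running as uid 10 limits writes only where file modes deny access to "other", so world-writable locations stay writable by the service. The uid and gid of 10 are consistent with the `lookup` group entry added in Base/etc/group.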