Base: Run ProtocolServer as a separate "protocol" user

This is probably not the final design we'll want for this, but for now let's run the HTTP client code as a separate user to reduce exposure for the standard "anon" user account. Note that "protocol" is also added to the "lookup" group, in order to allow ProtocolServer to contact LookupServer for DNS requests.
abyesilyurt · Jan 11, 2020 · d0a708f · d0a708f
1 parent 83f5941
commit d0a708f
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 2 deletions.
diff --git a/Base/etc/SystemServer.ini b/Base/etc/SystemServer.ini
@@ -6,10 +6,11 @@ Priority=high
 
 [ProtocolServer]
 Socket=/tmp/portal/protocol
+SocketPermissions=660
 Lazy=1
 Priority=low
 KeepAlive=1
-User=anon
+User=protocol
 
 [LookupServer]
 Socket=/tmp/portal/lookup

diff --git a/Base/etc/group b/Base/etc/group
@@ -3,5 +3,6 @@ wheel:x:1:anon
 tty:x:2:
 phys:x:3:anon
 audio:x:4:anon
-lookup:x:10:anon
+lookup:x:10:protocol,anon
+protocol:x:11:anon
 users:x:100:anon
diff --git a/Base/etc/passwd b/Base/etc/passwd
@@ -1,4 +1,5 @@
 root:x:0:0:root:/:/bin/sh
 lookup:x:10:10:LookupServer,,,:/:/bin/false
+protocol:x:11:11:ProtocolServer,,,:/:/bin/false
 anon:x:100:100:Anonymous,,,:/home/anon:/bin/sh
 nona:x:200:200:Nona,,,:/home/nona:/bin/sh