From: Demi Marie Obenour
To: Spectrum OS Development
CC: Demi Marie Obenour, Alyssa Ross
Subject: [PATCH v8 1/2] img/app: Create needed directories in early boot
Date: Mon, 28 Jul 2025 19:13:01 -0400
Message-ID: <20250728231303.2416-2-demiobenour@gmail.com>
In-Reply-To: <263f81f2-9e86-4bb1-be80-41f7731a9a63@gmail.com>

This moves various calls to mkdir(1) to very early boot, before any
services are running. This has two advantages:

1. These directories are guaranteed to exist. Code can just assume
   that they are there without checking for them.

2. Malicious code running as an unprivileged user cannot create
   directories under /tmp before legitimate code has done so.

The following directories are created under /tmp:

- /tmp/.font-unix (used by obsolete X Font Server) is created with
  mode 0000.
- The directories used by X11 are created with 1700 permissions:
  - /tmp/.X11-unix (X server)
  - /tmp/.ICE-unix (Inter-Client Exchange)
  - /tmp/.XIM-unix (X Input Methods)
- $XDG_RUNTIME_DIR (/run/user/0) is created with 0700 permissions, as
  expected by the XDG specification.

The copyright notice for directory creation is not kept because making
directories with well-known names and permissions is not copyrightable
and the code has been rewritten.

Signed-off-by: Demi Marie Obenour
---
Changes since v6:

- Add missing S-o-b
- Add comments explaining why each directory needs to be created.
- Fix spelling errors in commit messages.

Changes since v5:

- Remove "directories" service in favor of creating the directories from
  rc.init.
---
 img/app/etc/s6-linux-init/scripts/rc.init  | 13 +++++++++++++
 img/app/etc/s6-rc/wayland-proxy-virtwl/run | 10 ----------
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/img/app/etc/s6-linux-init/scripts/rc.init b/img/app/etc/s6-linux-init/scripts/rc.init index c5a59245ff3761e94acb974edde967806fb3b234..7744286d0282bb8e0cc40973c6a6eae4c9401630 100755 --- a/img/app/etc/s6-linux-init/scripts/rc.init +++ b/img/app/etc/s6-linux-init/scripts/rc.init @@ -1,10 +1,23 @@ #!/bin/execlineb -P # SPDX-License-Identifier: EUPL-1.2+ # SPDX-FileCopyrightText: 2020-2022 Alyssa Ross +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour if { s6-rc-init -c /etc/s6-rc /run/service } if { modprobe overlay } if { mount -a --mkdir } +# X Font Server is obsolete +if { mkdir -m 0000 /tmp/.font-unix } + +# /tmp/.X11-unix: X11 server +# /tmp/.ICE-unix: X11 Inter-Client Exchange +# /tmp/.XIM-unix: X11 input methods +# Some documentation states sticky bit is required. +if { mkdir -m 1700 /tmp/.X11-unix /tmp/.ICE-unix /tmp/.XIM-unix } + +# /run/user/0: "$XDG_RUNTIME_DIR" +if { mkdir -m 0700 /run/user/0 } + s6-rc change ok-all diff --git a/img/app/etc/s6-rc/wayland-proxy-virtwl/run b/img/app/etc/s6-rc/wayland-proxy-virtwl/run index 0715d912953c8a1d326059dfd37c29799fcbb053..c1e0e088c789ab8c5fde7e50c9f4b856fff0e477 100755 --- a/img/app/etc/s6-rc/wayland-proxy-virtwl/run +++ b/img/app/etc/s6-rc/wayland-proxy-virtwl/run
@@ -1,16 +1,6 @@ #!/bin/execlineb -P # SPDX-License-Identifier: EUPL-1.2+ # SPDX-FileCopyrightText: 2023-2024 Alyssa Ross -# -# Directory creation (if it's copyrightable): -# SPDX-License-Identifier: MIT -# SPDX-FileCopyrightText: 2022 Unikie - -foreground { mkdir /tmp/.X11-unix } -foreground { - umask 077 - mkdir /run/user/0 -} s6-ipcserver-socketbinder -B /run/user/0/wayland-0 fdmove -c 3 0 -- Sincerely, Demi Marie Obenour (she/her/hers)
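
Review bot: In the rc.init hunk, "mkdir -m 1700 /tmp/.X11-unix /tmp/.ICE-unix /tmp/.XIM-unix" removes search permission for group and other, so only the owning uid can reach sockets placed inside, and the comment above it accounts for the sticky bit but not for the 700. With no write permission for anyone else the sticky bit changes nothing, so either state in the comment that every X11 client in the app VM runs as that uid, or pick the mode from what the clients actually need. The new calls also use "if { ... }" where the removed code in wayland-proxy-virtwl/run used "foreground { ... }", so a failing mkdir (a directory that already exists, a missing /run/user) now ends rc.init before "s6-rc change ok-all"; a comment saying that stopping there is intended would help.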
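
Review bot: In the wayland-proxy-virtwl/run hunk, once the mkdir calls are gone "s6-ipcserver-socketbinder -B /run/user/0/wayland-0" relies on /run/user/0 already existing, and nothing left in this file says where it comes from. Add a one-line comment pointing at rc.init so that a later change to the boot script does not silently break this service. The removed "mkdir /tmp/.X11-unix" had no -m, so that directory's mode also changes with this patch from the umask default to 1700; that deserves a sentence in the commit message.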