Move socket into separate directory

This is mostly to ease setup and configuration with sandboxed browsers. The socket currently existing in `$XDG_RUNTIME_DIR`. When sandboxing a browser, it would be unsafe to mount this directory inside the sandbox. Mounting the socket into the sandbox's filesystem is also not possible in cases where KeePassXC is [re]started after the browser has started. This commit moves the socket into its own isolated subdirectory, which can be safely mounted into sandboxes. Sandbox engines can create the directory themselves (in case the browser starts before KeePassXC). Both Flatpak and Firejail support this configuration. A symlink is also created, linking the previous location to the new location. This is meant for backwards compatibility and should eventually be dropped. The directory can't be named `org.keepassxc.KeePassXC.BrowserServer`, since that would collide with the symlink. Instead, the directory has been created to match the format used for Flatpak builds, which make it a bit less of a snowflake build, while following accepted conventions. Closes: #8018 References: #6741
keepassxreboot · May 8, 2022 · 736517f · 736517f
1 parent a4d4adb
commit 736517f
Showing 1 changed file with 20 additions and 4 deletions.
diff --git a/src/browser/BrowserShared.cpp b/src/browser/BrowserShared.cpp
@@ -20,6 +20,7 @@
 #include "config-keepassx.h"
 
 #include <QStandardPaths>
+#include <QDir>
 #if defined(KEEPASSXC_DIST_SNAP)
 #include <QProcessEnvironment>
 #endif
@@ -35,10 +36,25 @@ namespace BrowserShared
         return QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation) + "/app/" + "org.keepassxc.KeePassXC"
                + serverName;
 #elif defined(Q_OS_UNIX) && !defined(Q_OS_MACOS)
-        // Use XDG_RUNTIME_DIR instead of /tmp if it's available
-        QString path = QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation);
-        return path.isEmpty() ? QStandardPaths::writableLocation(QStandardPaths::TempLocation) + serverName
-                              : path + serverName;
+        // Use XDG_RUNTIME_DIR if available, else use /tmp.
+        QString xdgRuntimeDir = QStandardPaths::writableLocation(QStandardPaths::RuntimeLocation);
+        if (xdgRuntimeDir.isEmpty()) {
+                return QStandardPaths::writableLocation(QStandardPaths::TempLocation) + serverName;
+        }
+
+        QDir dir = QDir(xdgRuntimeDir);
+
+        // Put the socket in a dedicated directory.
+        // This directory will be easily mountable by sandbox containers.
+        QDir socketDir = dir.filePath("app/org.keepassxc.KeePassXC");
+        if (!socketDir.exists()) dir.mkpath("app/org.keepassxc.KeePassXC");
+
+        QString socketPath = socketDir.path() + "/BrowserServer.socket";
+
+        // Create a symlink at the legacy location for backwards compatibility.
+        QFile::link(socketPath, xdgRuntimeDir + serverName);
+
+        return socketPath;
 #elif defined(Q_OS_WIN)
         // Windows uses named pipes
         return serverName + "_" + qgetenv("USERNAME");