From 320d45a3f5fe40fe928bbce5792e0c8ed46ae95f Mon Sep 17 00:00:00 2001
From: Kovid Goyal
Date: Sun, 3 Jul 2022 15:19:17 +0530
Subject: [PATCH] Only use prewarm socket if uid and gid match
---
 kitty/child.py | 2 +-
 prewarm-launcher.h | 23 ++++++++++++++++++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/kitty/child.py b/kitty/child.py
index aa1854f8e..90e600e0d 100644
--- a/kitty/child.py
+++ b/kitty/child.py
@@ -250,7 +250,7 @@ class Child:
 env['COLORTERM'] = 'truecolor'
 env['KITTY_PID'] = getpid()
 if not self.is_prewarmed:
- env['KITTY_PREWARM_SOCKET'] = fast_data_types.get_boss().prewarm.unix_socket_name
+ env['KITTY_PREWARM_SOCKET'] = f'{os.geteuid()}:{os.getegid()}:{fast_data_types.get_boss().prewarm.unix_socket_name}'
 if self.cwd:
 # needed in case cwd is a symlink, in which case shells
 # can use it to display the current directory name rather
diff --git a/prewarm-launcher.h b/prewarm-launcher.h
index 56375a86d..6441729b9 100644
--- a/prewarm-launcher.h
+++ b/prewarm-launcher.h
@@ -452,10 +452,31 @@ loop(void) {
 #undef fail
 }

+static char*
+check_socket_addr(char *addr) {
+ char *p = strchr(addr, ':');
+ if (!p) return NULL;
+ *p = 0;
+ long val = -1;
+ bool ok = parse_long(addr, &val);
+ *p = ':';
+ if (!ok || val != geteuid()) return NULL;
+ addr = p + 1;
+ p = strchr(addr, ':');
+ if (!p) return NULL;
+ *p = 0;
+ ok = parse_long(addr, &val);
+ *p = ':';
+ if (!ok || val != getegid()) return NULL;
+ return p + 1;
+}
+
 static void
 use_prewarmed_process(int argc, char *argv[]) {
- const char *env_addr = getenv("KITTY_PREWARM_SOCKET");
+ char *env_addr = getenv("KITTY_PREWARM_SOCKET");
 if (!env_addr || !*env_addr || !is_prewarmable(argc, argv)) return;
+ env_addr = check_socket_addr(env_addr);
+ if (!env_addr) return;
 self_ttyfd = safe_open(ctermid(NULL), O_RDWR | O_NONBLOCK, 0);
 #define fail(s) { print_error(s, errno); cleanup(); return; }
 if (self_ttyfd == -1) fail("Failed to open controlling terminal");
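Review bot: The new value of `KITTY_PREWARM_SOCKET` is a three-field string whose layout is defined only implicitly, by this f-string and by the parser added in prewarm-launcher.h, so the two sides can drift apart unnoticed. A comment above the assignment such as `# format: <euid>:<egid>:<socket name>; parsed by check_socket_addr() in prewarm-launcher.h` would record the contract where it is produced. The hunk does not show an `import os`, so confirm the module already has one. The enclosing method starts and ends outside the hunk.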
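Review bot: check_socket_addr writes into the buffer returned by getenv() (`*p = 0;` then `*p = ':';`), and use_prewarmed_process drops `const` from env_addr to allow it; the C standard says the string returned by getenv must not be modified by the program, and the temporary NUL is visible to anything else reading the environment in that window. Parsing each field with strtol and checking that the end pointer lands on ':' avoids the write and keeps both pointers const, as sketched below; it also makes the rejection of empty fields, trailing characters and negative values explicit rather than dependent on parse_long, which is defined outside the hunk. Separately, the uid and gid compared here come from the same environment variable as the socket path, so the check catches a variable inherited across a credential change rather than one that was set deliberately; if the connect code (outside this hunk) does not already verify the socket's ownership or peer credentials, that would be the stronger binding. The body of use_prewarmed_process continues past the end of the hunk.

```c
static const char*
check_socket_addr(const char *addr) {
    char *end = NULL;
    errno = 0;
    long val = strtol(addr, &end, 10);
    // field must be non-empty, end at ':', and be a non-negative id equal to ours
    if (end == addr || *end != ':' || errno != 0 || val < 0) return NULL;
    if ((unsigned long)val != (unsigned long)geteuid()) return NULL;
    addr = end + 1;
    errno = 0;
    val = strtol(addr, &end, 10);
    if (end == addr || *end != ':' || errno != 0 || val < 0) return NULL;
    if ((unsigned long)val != (unsigned long)getegid()) return NULL;
    return end + 1;
}

static void
use_prewarmed_process(int argc, char *argv[]) {
    const char *env_addr = getenv("KITTY_PREWARM_SOCKET");
    // … unchanged: empty/prewarmable check, check_socket_addr call, tty setup …
```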