From 46ee193cd8374576abf78b68caba395794e0a9da Mon Sep 17 00:00:00 2001
From: Chocobo1 <Chocobo1@users.noreply.github.com>
Date: Thu, 27 Jun 2019 20:33:05 +0800
Subject: [PATCH] Restrict QLocalServer access

The default is world access which means even even unprivileged local
accounts can connect to it too.
---
 src/app/qtsingleapplication/qtlocalpeer.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/app/qtsingleapplication/qtlocalpeer.cpp b/src/app/qtsingleapplication/qtlocalpeer.cpp
index cb4c57492..d8a1bce31 100644
--- a/src/app/qtsingleapplication/qtlocalpeer.cpp
+++ b/src/app/qtsingleapplication/qtlocalpeer.cpp
@@ -101,6 +101,7 @@ QtLocalPeer::QtLocalPeer(QObject* parent, const QString &appId)
 #endif
 
     server = new QLocalServer(this);
+    server->setSocketOptions(QLocalServer::UserAccessOption);
     QString lockName = QDir(QDir::tempPath()).absolutePath()
                        + QLatin1Char('/') + socketName
                        + QLatin1String("-lockfile");