diff --git a/src/appspawn_server.cpp b/src/appspawn_server.cpp
index 04064e3e9148b60d88356977bf61787c0bc55fb3..0d77d2018ad5f7f8123c35a367e2cb49b0f4b728 100644
--- a/src/appspawn_server.cpp
+++ b/src/appspawn_server.cpp
@@ -27,6 +27,7 @@
 #include <sys/prctl.h>
 #include <sys/capability.h>
 #include <sys/syscall.h>
+#include <sys/socket.h>
 #include <thread>
 #include <string>
 #include <map>
@@ -261,6 +262,19 @@ void AppSpawnServer::ConnectionPeer()
             continue;
         }
 
+        struct ucred cred = {-1, -1, -1};
+        socklen_t credSize  = sizeof(struct ucred);
+        if (getsockopt(connectFd, SOL_SOCKET, SO_PEERCRED, &cred, &credSize) < 0) {
+            APPSPAWN_LOGE("get cred failed!");
+            continue;
+        }
+
+        APPSPAWN_LOGE("OnConnection client uid is %d!", cred.uid);
+        if (cred.uid != FOUNDATION_UID) {
+            APPSPAWN_LOGE("OnConnection client fd %d is nerverallow!", connectFd);
+            continue;
+        }
+
         mut_.lock();  // Ensure that mutex in SaveConnection is unlocked before being forked
         socket_->SaveConnection(connectFd);
         mut_.unlock();
@@ -637,7 +651,7 @@ int32_t AppSpawnServer::SetProcessName(
     }
 
     // set long process name
-    if (strncpy_s(longProcName, len, processName, len) != EOK) {
+    if (strncpy_s(longProcName, longProcNameLen, processName, len) != EOK) {
         HiLog::Error(LABEL, "strncpy_s long name error: %{public}d", errno);
         return -EINVAL;
     }
diff --git a/src/include/appspawn_server.h b/src/include/appspawn_server.h
index 2ec656cfc9d768088f634f4db91397ca807caaf8..d874187ad19de253b7613883e3ffd1540b5c30f0 100644
--- a/src/include/appspawn_server.h
+++ b/src/include/appspawn_server.h
@@ -24,6 +24,7 @@
 #include "server_socket.h"
 #include "nocopyable.h"
 
+#define FOUNDATION_UID 5523
 namespace OHOS {
 namespace AppSpawn {
 class AppSpawnServer {
diff --git a/src/socket/client_socket.cpp b/src/socket/client_socket.cpp
index 308f389c8cfe4ff81912de40121bec9c9d633d8c..df91a59bebceaefcce4407ebaea18e08b4e0f169 100644
--- a/src/socket/client_socket.cpp
+++ b/src/socket/client_socket.cpp
@@ -39,7 +39,12 @@ int ClientSocket::CreateClient()
             return socketFd_;
         }
     }
-
+    int opt = 1;
+    int ret = setsockopt(socketFd_, SOL_SOCKET, SO_PASSCRED, &opt, sizeof(opt));
+    if (ret < 0) {
+        HiLog::Error(LABEL, "Client: setsockopt failed!");
+        return -1;
+    }
     HiLog::Debug(LABEL, "Client: CreateClient socket fd %d", socketFd_);
     return 0;
 }