Hi, > On 25.03.2016, at 11:31, Lubomir I. Ivanov <[email protected]> wrote: > > hello, > > On 25 March 2016 at 10:27, Robert C. Helling <[email protected]> wrote: >> + if ((getegid() == 0) && !verbose) { >> + printf("You are running Subsurface as root. This is not >> recommended.\n"); >> + printf("If you insist to do so, run with option -v.\n"); >> + exit(0); >> + } > > there is no WINAPI (Windows) wrapper for the POSIX function getegid(), > as the SIDs on Windows work slightly differently than the Unix GIDs. > > i'd suggest the following function in all the platform specific files > (linux.c, windows.c...): > subsurface_user_is_root() > > where getegid() == 0 is used on Unix OSes and possibly IsUserAnAdmin() > on Windows. > i can send a patch later for that. > > lubomir > --
Here is an updated patch.

Best
Robert
From af51dc433ad45e06ec34a07d25a884deec2d8396 Mon Sep 17 00:00:00 2001 From: "Robert C. Helling" <[email protected]> Date: Fri, 25 Mar 2016 09:21:45 +0100 Subject: [PATCH] Prevent unintentionally running as root To: [email protected] Some users try to run Subsurface as root for example to get around permission problems with dive computer devices. This is a bad idea since config files get touched as root and then cannot be read as normal user anymore. This patch allows running as root only with verbose option on. We can assume if somebody manages to start subsurface as root this happens from the command line. For some reason, I couldn't get translation working at this stage. Windows version is a stub. Signed-off-by: Robert C. Helling <[email protected]> --- subsurface-core/dive.h | 1 + subsurface-core/linux.c | 6 ++++++ subsurface-core/macos.c | 5 +++++ subsurface-core/windows.c | 7 +++++++ subsurface-desktop-main.cpp | 5 +++++ 5 files changed, 24 insertions(+) diff --git a/subsurface-core/dive.h b/subsurface-core/dive.h index d52ef52..e84b2e6 100644 --- a/subsurface-core/dive.h +++ b/subsurface-core/dive.h @@ -697,6 +697,7 @@ extern struct zip *subsurface_zip_open_readonly(const char *path, int flags, int extern int subsurface_zip_close(struct zip *zip); extern void subsurface_console_init(bool dedicated); extern void subsurface_console_exit(void); +extern bool subsurface_user_is_root(void); extern void shift_times(const timestamp_t amount); extern timestamp_t get_times(); diff --git a/subsurface-core/linux.c b/subsurface-core/linux.c index a77f378..cf6e057 100644 --- a/subsurface-core/linux.c +++ b/subsurface-core/linux.c @@ -225,3 +225,9 @@ void subsurface_console_exit(void) { /* NOP */ } + +bool subsurface_user_is_root() +{ + return (geteuid() == 0); +} + diff --git a/subsurface-core/macos.c b/subsurface-core/macos.c index 70cfc08..500412c 100644 --- a/subsurface-core/macos.c +++ b/subsurface-core/macos.c 
@@ -211,3 +211,8 @@ void subsurface_console_exit(void) { /* NOP */ } + +bool subsurface_user_is_root() +{ + return (geteuid() == 0); +} diff --git a/subsurface-core/windows.c b/subsurface-core/windows.c index a2386fd..a9cca3e 100644 --- a/subsurface-core/windows.c +++ b/subsurface-core/windows.c @@ -446,3 +446,10 @@ void subsurface_console_exit(void) FreeConsole(); #endif } + +bool subsurface_user_is_root() +{ + /* FIXME: Detect admin rights */ + return (false); +} + diff --git a/subsurface-desktop-main.cpp b/subsurface-desktop-main.cpp index 2b7bf89..d26ad15 100644 --- a/subsurface-desktop-main.cpp +++ b/subsurface-desktop-main.cpp @@ -59,6 +59,11 @@ int main(int argc, char **argv) files.push_back(a); } } + if (subsurface_user_is_root() && !verbose) { + printf("You are running Subsurface as root. This is not recommended.\n"); + printf("If you insist to do so, run with option -v.\n"); + exit(0); + } #if !LIBGIT2_VER_MAJOR && LIBGIT2_VER_MINOR < 22 git_threads_init(); #else -- 2.5.4 (Apple Git-61)
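Review bot: the new prototype in the dive.h hunk has no comment saying what "root" means on each platform. State next to the declaration that it reports an effective user ID of 0 on Linux and macOS and currently always returns false on Windows, so that callers do not treat a false result as proof of an unprivileged process.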
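Review bot: in the linux.c and macos.c hunks subsurface_user_is_root() is defined with an empty parameter list, while dive.h declares it as (void). In C the definitions should read bool subsurface_user_is_root(void) so they match the prototype. The linux.c hunk also appends a blank line after the closing brace at the end of the file, which the macos.c hunk does not; drop it for consistency.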
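Review bot: the windows.c stub returns false unconditionally, so on Windows the check added to main() never fires and an elevated run goes unnoticed. Either implement the test (IsUserAnAdmin() was suggested earlier in this thread) or have the FIXME comment say explicitly that the guard is a no-op on this platform. The definition should also take (void), and the parentheses in return (false); and the trailing blank line are unnecessary.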
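Review bot: in the subsurface-desktop-main.cpp hunk the refusal path calls exit(0), so a wrapper script or launcher sees a successful exit even though Subsurface declined to start. Exit with a non-zero status and write the two messages with fprintf(stderr, ...) rather than printf. Because the condition is subsurface_user_is_root() && !verbose, a root user who passes -v for ordinary debugging skips the block without ever seeing the warning; a dedicated override option, or printing the warning even when verbose is set, would keep the guard meaningful.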
_______________________________________________ subsurface mailing list [email protected] http://lists.subsurface-divelog.org/cgi-bin/mailman/listinfo/subsurface
