diff options
author | Haru <haru@dotalux.com> | 2014-01-21 20:45:14 +0100 |
---|---|---|
committer | Haru <haru@dotalux.com> | 2016-07-04 14:14:55 +0200 |
commit | dbcd847d507afd3f256d0bd3953c4a297e5d9451 (patch) | |
tree | b2e3e29fb86ea14348249dbf5dd3d06561c590fc /src/common | |
parent | d2f666fc10eac20f70729176c088b2c81d233531 (diff) | |
download | hercules-dbcd847d507afd3f256d0bd3953c4a297e5d9451.tar.gz hercules-dbcd847d507afd3f256d0bd3953c4a297e5d9451.tar.bz2 hercules-dbcd847d507afd3f256d0bd3953c4a297e5d9451.tar.xz hercules-dbcd847d507afd3f256d0bd3953c4a297e5d9451.zip |
Added messages to discourage running Hercules as root.
- You should not run Hercules as root, period.
- If you understand all of the security implications, and still want to
do so (and you don't want to be bothered by the warning messages),
open core.c and uncomment the line:
"//#define I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT"
- If you're running Hercules as root because your provider forces (or
encourages) you to do so, it means they're really doing it wrong, so
please complain to them and ask them for an alternative.
- More info on the topic:
http://www.tldp.org/HOWTO/Security-HOWTO/local-security.html
https://wiki.debian.org/sudo
http://wiki.centos.org/TipsAndTricks/BecomingRoot
http://fedoraproject.org/wiki/Configuring_Sudo
https://help.ubuntu.com/community/RootSudo
http://www.freebsdwiki.net/index.php/Root
Signed-off-by: Haru <haru@dotalux.com>
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/core.c | 65 |
1 files changed, 61 insertions, 4 deletions
diff --git a/src/common/core.c b/src/common/core.c index ccd80c44b..08ed4b71b 100644 --- a/src/common/core.c +++ b/src/common/core.c @@ -33,6 +33,7 @@ #include "common/strlib.h" #include "common/sysinfo.h" #include "common/nullpo.h" +#include "common/utils.h" #ifndef MINICORE # include "common/HPM.h" @@ -42,7 +43,6 @@ # include "common/sql.h" # include "common/thread.h" # include "common/timer.h" -# include "common/utils.h" #endif #ifndef _WIN32 @@ -54,6 +54,28 @@ #include <stdio.h> #include <stdlib.h> +/* + * Uncomment the line below if you want to silence the root warning on startup + * (not recommended, as it opens the machine to security risks. You should + * never ever run software as root unless it requires the extra privileges + * (which Hercules does not.) + * More info: + * http://www.tldp.org/HOWTO/Security-HOWTO/local-security.html + * http://www.gentoo.org/doc/en/security/security-handbook.xml?style=printable&part=1&chap=1#doc_chap4 + * http://wiki.centos.org/TipsAndTricks/BecomingRoot + * http://fedoraproject.org/wiki/Configuring_Sudo + * https://help.ubuntu.com/community/RootSudo + * http://www.freebsdwiki.net/index.php/Root + * + * If your service provider forces (or encourages) you to run server software + * as root, please complain to them before and after uncommenting this line, + * since it is a very bad idea. + * Please note that NO SUPPORT will be given if you uncomment the following line. + */ +//#define I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT +// And don't complain to us if the XYZ plugin you installed wiped your hard disk, or worse. +// Note: This feature is deprecated, and should not be used. + /// Called when a terminate signal is received. void (*shutdown_callback)(void) = NULL; @@ -172,11 +194,45 @@ void signals_init (void) { /** * Warns the user if executed as superuser (root) + * + * @retval false if the check didn't pass and the program should be terminated. */ -void usercheck(void) { +bool usercheck(void) +{ +#ifndef _WIN32 if (sysinfo->is_superuser()) { - ShowWarning("You are running Hercules with root privileges, it is not necessary.\n"); + if (!isatty(fileno(stdin))) { + ShowFatalError("You are running Hercules with root privileges, it is not necessary, nor recommended. " + "Aborting.\n"); + return false; // Don't allow noninteractive execution regardless. + } + ShowError("You are running Hercules with root privileges, it is not necessary, nor recommended.\n"); +#ifdef I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT +#warning This Hercules build is not eligible to obtain support by the developers. +#warning The setting I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT is deprecated and should not be used. +#else // not I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT + ShowNotice("Execution will be paused for 60 seconds. Press Ctrl-C if you wish to quit.\n"); + ShowNotice("If you want to get rid of this message, please open %s and uncomment, near the top, the line saying:\n" + "\t\"//#define I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT\"\n", __FILE__); + ShowNotice("Note: In a near future, this courtesy notice will go away. " + "Please update your infrastructure not to require root privileges before then.\n"); + ShowWarning("It's recommended that you " CL_WHITE "press CTRL-C now!" CL_RESET "\n"); + { + int i; + for (i = 0; i < 60; i++) { + ShowMessage("\a *"); + HSleep(1); + } + } + ShowMessage("\n"); + ShowNotice("Resuming operations with root privileges. " + CL_RED "If anything breaks, you get to keep the pieces, " + "and the Hercules developers won't be able to help you." + CL_RESET "\n"); +#endif // I_AM_AWARE_OF_THE_RISK_AND_STILL_WANT_TO_RUN_HERCULES_AS_ROOT } +#endif // not _WIN32 + return true; } void core_defaults(void) { @@ -426,7 +482,8 @@ int main (int argc, char **argv) { if (!(showmsg->silent&0x1)) console->display_title(); - usercheck(); + if (!usercheck()) + return EXIT_FAILURE; #ifdef MINICORE // minimalist Core do_init(argc,argv); |