From ff98adf1a6b605ab88eaa07cdc07c234f2e70ba0 Mon Sep 17 00:00:00 2001 From: Fred Boniface Date: Tue, 16 Apr 2024 19:20:19 +0100 Subject: [PATCH] Prevent running as root user --- Dockerfile | 1 + main.go | 25 +++++++++++++++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index da62302..9ce43ca 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,4 +5,5 @@ RUN go build . FROM scratch COPY --from=builder /source/timetable-mgr /bin/timetable-mgr +USER nobody CMD [ "/bin/timetable-mgr" ] \ No newline at end of file diff --git a/main.go b/main.go index 726b4a9..c654042 100644 --- a/main.go +++ b/main.go @@ -19,9 +19,19 @@ import ( "go.uber.org/zap" ) +const ( + bold = "\033[1m" + redB = "\033[1;31m" + blue = "\033[32m" //Actually green! + cyan = "\033[36m" + reset = "\033[0m" +) + func init() { printStartupBanner() - fmt.Printf("Version %s \n\n", helpers.Version) + fmt.Printf("%sVersion %s \n\n%s", bold+blue, helpers.Version, reset) + + checkRunAsRoot() } func main() { @@ -110,5 +120,16 @@ func printStartupBanner() { |___/ ` - fmt.Println(art) + fmt.Println(cyan + art + reset) +} + +func checkRunAsRoot() { + uid := os.Getuid() + if uid != 0 { + return + } + + fmt.Println(redB + "This program must not be run as the root user" + reset) + fmt.Println("") + os.Exit(1) }