Verified Commit bc581cf3 authored by Aral Balkan's avatar Aral Balkan
Browse files

Refactor to pull out running as root security check

And apply to enable command also.
parent e0290d02
......@@ -28,6 +28,8 @@ const Site = require('../../index')
function enable (args) {
Site.logAppNameAndVersion()
// Security
Util.refuseToRunAsRoot()
//
// Sanity checks.
......
......@@ -257,14 +257,7 @@ class Site {
// Introduce ourselves.
Site.logAppNameAndVersion()
// Refuse to run if this is the root account.
if (process.env.USER === 'root' && process.env.SUDO_USER === undefined) {
// This is an attempt to run Site.js from the root account.
// Reject for security reasons.
console.log(`\n ❌ ${clr('❨site.js❩ Error:', 'red')} Refusing to run from the root account for security reasons.\n`)
console.log(` ${clr('Please create and use an account with regular privileges to run Site.js.', 'yellow')}\n`)
process.exit(1)
}
Util.refuseToRunAsRoot()
this.eventEmitter = new EventEmitter()
......
......@@ -8,10 +8,22 @@
const os = require('os')
const path = require('path')
const process = require('process')
const clr = require('../lib/clr')
class Util {
static refuseToRunAsRoot () {
// Refuse to run if this is the root account.
if (process.env.USER === 'root' && process.env.SUDO_USER === undefined) {
// This is an attempt to run Site.js from the root account.
// Reject for security reasons.
console.log(`\n ❌ ${clr('❨site.js❩ Error:', 'red')} Refusing to run from the root account for security reasons.\n`)
console.log(` ${clr('Please create and use an account with regular privileges to run Site.js.', 'yellow')}\n`)
process.exit(1)
}
}
// It is a common mistake to start the server in a .dynamic folder (or subfolder)
// or a .hugo folder or subfolder, etc. In these cases, try to recover and do the right thing.
static magicallyRewritePathToServeIfNecessary (pathSpecified, pathToServe) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment