From 3854d15e12e588bd736f2952f9dbbd27ed560018 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 17 Feb 2012 17:36:18 +0400 Subject: [PATCH] sanity check: prevent running tt-rss as root --- include/sanity_check.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/include/sanity_check.php b/include/sanity_check.php index d1b2873ca..3de1593f3 100644 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -11,6 +11,10 @@ require_once "config.php"; require_once "sanity_config.php"; + if (function_exists('posix_getuid') && posix_getuid() == 0) { + $err_msg = "Please don't run this script as root."; + } + if (CONFIG_VERSION != EXPECTED_CONFIG_VERSION) { $err_msg = "Configuration file (config.php) has incorrect version. Update it with new options from config.php-dist and set CONFIG_VERSION to the correct value."; } @@ -116,7 +120,7 @@ } } - if ($err_msg) { ?> + if ($err_msg && defined($_SERVER['REQUEST_URI'])) { ?> Fatal error @@ -142,6 +146,8 @@