From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Fri, 17 Feb 2012 13:36:18 +0000 (+0400)
Subject: sanity check: prevent running tt-rss as root
X-Git-Tag: 1.5.10~5
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=3854d15e12e588bd736f2952f9dbbd27ed560018;p=tt-rss.git

sanity check: prevent running tt-rss as root
---

diff --git a/include/sanity_check.php b/include/sanity_check.php
index d1b2873c..3de1593f 100644
--- a/include/sanity_check.php
+++ b/include/sanity_check.php
@@ -11,6 +11,10 @@
 		require_once "config.php";
 		require_once "sanity_config.php";
 
+		if (function_exists('posix_getuid') && posix_getuid() == 0) {
+			$err_msg = "Please don't run this script as root.";
+		}
+
 		if (CONFIG_VERSION != EXPECTED_CONFIG_VERSION) {
 			$err_msg = "Configuration file (config.php) has incorrect version. Update it with new options from config.php-dist and set CONFIG_VERSION to the correct value.";
 		}
@@ -116,7 +120,7 @@
 		}
 	}
 
-	if ($err_msg) { ?>
+	if ($err_msg && defined($_SERVER['REQUEST_URI'])) { ?>
 		<html>
 		<head>
 		<title>Fatal error</title>
@@ -142,6 +146,8 @@
 
 	<?php
 		die;
+	} else if ($err_msg) {
+		die("[sanity_check] $err_msg\n");
 	}
 
 ?>