Disp: Do not allow running as root

Modify also BR/SIG to avoid package shadowing Fixes scionproto#3067
karampok · Sep 2, 2019 · 394f566 · 394f566
1 parent 5276b4c
commit 394f566
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 4 deletions.
diff --git a/go/border/main.go b/go/border/main.go
@@ -126,11 +126,11 @@ func setup() error {
 }
 
 func checkPerms() error {
-	user, err := user.Current()
+	u, err := user.Current()
 	if err != nil {
 		return common.NewBasicError("Error retrieving user", err)
 	}
-	if user.Uid == "0" {
+	if u.Uid == "0" {
 		return common.NewBasicError("Running as root is not allowed for security reasons", nil)
 	}
 	return nil

diff --git a/go/godispatcher/BUILD.bazel b/go/godispatcher/BUILD.bazel
@@ -10,6 +10,7 @@ go_library(
         "//go/godispatcher/internal/config:go_default_library",
         "//go/godispatcher/internal/metrics:go_default_library",
         "//go/godispatcher/network:go_default_library",
+        "//go/lib/common:go_default_library",
         "//go/lib/env:go_default_library",
         "//go/lib/fatal:go_default_library",
         "//go/lib/log:go_default_library",

diff --git a/go/godispatcher/main.go b/go/godispatcher/main.go
@@ -21,12 +21,14 @@ import (
 	"net/http"
 	_ "net/http/pprof"
 	"os"
+	"os/user"
 
 	"github.com/BurntSushi/toml"
 
 	"github.com/scionproto/scion/go/godispatcher/internal/config"
 	"github.com/scionproto/scion/go/godispatcher/internal/metrics"
 	"github.com/scionproto/scion/go/godispatcher/network"
+	"github.com/scionproto/scion/go/lib/common"
 	"github.com/scionproto/scion/go/lib/env"
 	"github.com/scionproto/scion/go/lib/fatal"
 	"github.com/scionproto/scion/go/lib/log"
@@ -60,6 +62,11 @@ func realMain() int {
 		return 1
 	}
 
+	if err := checkPerms(); err != nil {
+		log.Crit("Permissions checks failed", "err", err)
+		return 1
+	}
+
 	if err := util.CreateParentDirs(cfg.Dispatcher.ApplicationSocket); err != nil {
 		log.Crit("Unable to create directory tree for socket", "err", err)
 		return 1
@@ -154,3 +161,14 @@ func waitForTeardown() int {
 		return 1
 	}
 }
+
+func checkPerms() error {
+	u, err := user.Current()
+	if err != nil {
+		return common.NewBasicError("Error retrieving user", err)
+	}
+	if u.Uid == "0" {
+		return common.NewBasicError("Running as root is not allowed for security reasons", nil)
+	}
+	return nil
+}
diff --git a/go/sig/main.go b/go/sig/main.go
@@ -192,11 +192,11 @@ func setupIngress(tunIO io.ReadWriteCloser) {
 }
 
 func checkPerms() error {
-	user, err := user.Current()
+	u, err := user.Current()
 	if err != nil {
 		return common.NewBasicError("Error retrieving user", err)
 	}
-	if user.Uid == "0" {
+	if u.Uid == "0" {
 		return common.NewBasicError("Running as root is not allowed for security reasons", nil)
 	}
 	caps, err := capability.NewPid(0)