From f0bd1e98962a6821cdb0543cfc2e5159d443d36a Mon Sep 17 00:00:00 2001 From: techknowlogick Date: Thu, 7 Oct 2021 04:52:08 -0400 Subject: Add protection to disable Gitea when run as root (#17168) Co-authored-by: delvh Co-authored-by: 6543 <6543@obermui.de> --- modules/setting/setting.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'modules/setting/setting.go') diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 88302be1d3..2133184cfc 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -902,6 +902,9 @@ func NewContext() { } RunUser = Cfg.Section("").Key("RUN_USER").MustString(user.CurrentUsername()) + // The following is a purposefully undocumented option. Please do not run Gitea as root. It will only cause future headaches. + // Please don't use root as a bandaid to "fix" something that is broken, instead the broken thing should instead be fixed properly. + unsafeAllowRunAsRoot := Cfg.Section("").Key("I_AM_BEING_UNSAFE_RUNNING_AS_ROOT").MustBool(false) RunMode = Cfg.Section("").Key("RUN_MODE").MustString("prod") // Does not check run user when the install lock is off. if InstallLock { @@ -911,6 +914,15 @@ func NewContext() { } } + // check if we run as root + if os.Getuid() == 0 { + if !unsafeAllowRunAsRoot { + // Special thanks to VLC which inspired the wording of this messaging. + log.Fatal("Gitea is not supposed to be run as root. Sorry. If you need to use privileged TCP ports please instead use setcap and the `cap_net_bind_service` permission") + } + log.Critical("You are running Gitea using the root user, and have purposely chosen to skip built-in protections around this. You have been warned against this.") + } + SSH.BuiltinServerUser = Cfg.Section("server").Key("BUILTIN_SSH_SERVER_USER").MustString(RunUser) newRepository() -- cgit v1.2.3