show an alert if running as root

manyfold3d · Jun 12, 2024 · 17ad870 · 17ad870
1 parent 3186251
commit 17ad870
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -6,6 +6,7 @@ class ApplicationController < ActionController::Base
  before_action :authenticate_user!
  around_action :switch_locale
  before_action :check_for_first_use
+ before_action :show_security_alerts
  before_action :check_scan_status
  before_action :remember_ordering
 
@@ -41,4 +42,9 @@ def switch_locale(&action)
  locale = current_user&.interface_language || request.env["rack.locale"]
  I18n.with_locale(locale, &action)
  end
+
+ def show_security_alerts
+ return unless current_user&.is_administrator?
+ flash.now[:alert] = t("security.running_as_root_html") if Process.uid == 0
+ end
 end
diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -313,6 +313,8 @@ en:
  webglrenderer: Could not create renderer!
  load: Load
  processing: Reticulating splines...
+ security:
+ running_as_root_html: Manyfold is running as root, which is a security risk. Run as a different system user by setting the <code>PUID</code> and <code>PGID</code> environment variables. See <a href='https://manyfold.app/sysadmin/configuration.html#required'>the configuration documentation</a> for details.
  sites:
  cgtrader: CGTrader
  comicsgamesandthings: Comics, Games, and Things