OpenSource/PaperMC
OpenSource/PaperMC
1
0
Fork 0
mirror of https://github.com/PaperMC/Paper.git synced 2025-01-06 10:44:39 +01:00
Code Issues Projects Releases Packages Wiki Activity

Revert "Add root/admin user detection (#2432)"

Browse source 
This reverts commit cca9b1fca7.

Unknown issue on CentOS/RHEL(?) requires further examination.
This commit is contained in:
Zach Brown 2020-02-18 22:32:13 -06:00
parent cca9b1fca7
commit ad370d55b8
1 changed files with 0 additions and 84 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

84
Spigot-Server-Patches/Add-root-admin-user-detection.patch
View file

@ -1,84 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: egg82 <eggys82@gmail.com>
Date: Thu, 8 Aug 2019 14:12:48 -0600
Subject: [PATCH] Add root/admin user detection
This patch detects whether or not the server is currently executing as a privileged user and spits out a warning.
The warning serves as a sort-of PSA for newer server admins who don't understand the risks of running as root.
We've seen plenty of bad/malicious plugins hit markets, and there's been a few close-calls with exploits in the past.
Hopefully this helps mitigate some potential damage to servers, even if it is just a warning.
diff --git a/src/main/java/com/destroystokyo/paper/util/ServerEnvironment.java b/src/main/java/com/destroystokyo/paper/util/ServerEnvironment.java
new file mode 100644
index 000000000..76bfae177
--- /dev/null
+++ b/src/main/java/com/destroystokyo/paper/util/ServerEnvironment.java
@@ -0,0 +0,0 @@
+package com.destroystokyo.paper.util;
+
+import java.io.OutputStream;
+import java.io.PrintStream;
+import java.util.prefs.Preferences;
+
+public class ServerEnvironment {
+ private static final boolean runningAsRootOrAdmin;
+
+ static {
+ // https://stackoverflow.com/a/23538961
+ Preferences prefs = Preferences.systemRoot();
+ PrintStream err = System.err;
+ PrintStream emptyStream = new PrintStream(new OutputStream() {
+ @Override
+ public void write(int b) { }
+ });
+
+ System.err.flush();
+ System.setErr(emptyStream);
+
+ boolean retVal;
+ try {
+ prefs.put("papermc.priv_test", "This is a test performed by the Paper Minecraft server software."); // SecurityException
+ prefs.remove("papermc.priv_test");
+ prefs.flush(); // BackingStoreException
+ retVal = true;
+ } catch (Exception ignored) { // Windows = SecurityException, Linux = BackingStoreException
+ retVal = false;
+ }
+ runningAsRootOrAdmin = retVal;
+
+ System.err.flush();
+ System.setErr(err);
+ }
+
+ public static boolean userIsRootOrAdmin() { return runningAsRootOrAdmin; }
+}
diff --git a/src/main/java/org/bukkit/craftbukkit/Main.java b/src/main/java/org/bukkit/craftbukkit/Main.java
index af05f3c1e..2a0273074 100644
--- a/src/main/java/org/bukkit/craftbukkit/Main.java
+++ b/src/main/java/org/bukkit/craftbukkit/Main.java
@@ -0,0 +0,0 @@
package org.bukkit.craftbukkit;
+import com.destroystokyo.paper.util.ServerEnvironment; // Paper
import java.io.File;
import java.io.IOException;
import java.text.SimpleDateFormat;
@@ -0,0 +0,0 @@ public class Main {
System.setProperty(TerminalConsoleAppender.JLINE_OVERRIDE_PROPERTY, "false"); // Paper
}
+ // Paper start - detect running as root
+ if (ServerEnvironment.userIsRootOrAdmin()) {
+ System.err.println("****************************");
+ System.err.println("YOU ARE RUNNING AS AN ADMINISTRATIVE OR ROOT USER. THIS IS NOT ADVISED.");
+ System.err.println("YOU ARE OPENING YOURSELF UP TO POTENTIAL RISKS WHEN DOING THIS.");
+ System.err.println("MALWARE, BAD PLUGINS, AND ATTACKERS WILL HAVE COMPLETE ACCESS AND CONTROL OF YOUR MACHINE.");
+ System.err.println("****************************");
+ System.err.println();
+ }
+ // Paper end
+
if (Main.class.getPackage().getImplementationVendor() != null && System.getProperty("IReallyKnowWhatIAmDoingISwear") == null) {
Date buildDate = new SimpleDateFormat("yyyyMMdd-HHmm").parse(Main.class.getPackage().getImplementationVendor());
--