diff options
| author | erg@google.com <erg@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-03-02 18:39:22 +0000 |
|---|---|---|
| committer | erg@google.com <erg@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-03-02 18:39:22 +0000 |
| commit | d0aff40acbcf6714daef11e343f409bb11ea7678 (patch) | |
| tree | df07343e1a7cc0cf50d23e84896a080103065bfc /chrome/browser/browser_main_gtk.cc | |
| parent | fc0f7aa679b48f458ecf4e207eefbceef429f063 (diff) | |
| download | chromium_src-d0aff40acbcf6714daef11e343f409bb11ea7678.zip chromium_src-d0aff40acbcf6714daef11e343f409bb11ea7678.tar.gz chromium_src-d0aff40acbcf6714daef11e343f409bb11ea7678.tar.bz2 | |
GTK: Refuse to run as root.
Running chrome with sudo will change the owner of chrome's config files. This
is really bad and more people accidentally run 'sudo chrome' once and then
screw their profile up.
Inspired by a real life support case this morning and rereading jwz's take on
the issue on evanm@'s blog.
BUG=74594
TEST='sudo chrome' pops up a nice error message and all the files in the profile directory aren't owned by root.
Review URL: http://codereview.chromium.org/6591083
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@76565 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/browser_main_gtk.cc')
| -rw-r--r-- | chrome/browser/browser_main_gtk.cc | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/chrome/browser/browser_main_gtk.cc b/chrome/browser/browser_main_gtk.cc index 017bbfa..fd73fcb 100644 --- a/chrome/browser/browser_main_gtk.cc +++ b/chrome/browser/browser_main_gtk.cc @@ -4,6 +4,7 @@ #include "chrome/browser/browser_main_gtk.h" +#include <gtk/gtk.h> #include <sys/stat.h> #include <sys/types.h> #include <unistd.h> @@ -18,8 +19,13 @@ #include "chrome/common/result_codes.h" #include "content/browser/renderer_host/render_sandbox_host_linux.h" #include "content/browser/zygote_host_linux.h" +#include "grit/chromium_strings.h" +#include "grit/generated_resources.h" +#include "ui/base/l10n/l10n_util.h" +#include "ui/base/resource/resource_bundle.h" #include "ui/base/x/x11_util.h" #include "ui/base/x/x11_util_internal.h" +#include "ui/gfx/gtk_util.h" #if defined(USE_NSS) #include "base/nss_util.h" @@ -54,6 +60,8 @@ int BrowserX11IOErrorHandler(Display* d) { } // namespace void BrowserMainPartsGtk::PreEarlyInitialization() { + DetectRunningAsRoot(); + BrowserMainPartsPosix::PreEarlyInitialization(); SetupSandbox(); @@ -64,6 +72,43 @@ void BrowserMainPartsGtk::PreEarlyInitialization() { #endif } +void BrowserMainPartsGtk::DetectRunningAsRoot() { + if (geteuid() == 0) { + const CommandLine& command_line = *CommandLine::ForCurrentProcess(); + gfx::GtkInitFromCommandLine(command_line); + + // Get just enough of our resource machinery up so we can extract the + // locale appropriate string. Note that the GTK implementation ignores the + // passed in parameter and checks the LANG environment variables instead. + ResourceBundle::InitSharedInstance(""); + + std::string message = l10n_util::GetStringFUTF8( + IDS_REFUSE_TO_RUN_AS_ROOT, + l10n_util::GetStringUTF16(IDS_PRODUCT_NAME)); + GtkWidget* dialog = gtk_message_dialog_new( + NULL, + static_cast<GtkDialogFlags>(0), + GTK_MESSAGE_ERROR, + GTK_BUTTONS_CLOSE, + "%s", + message.c_str()); + + message = l10n_util::GetStringFUTF8( + IDS_REFUSE_TO_RUN_AS_ROOT_2, + l10n_util::GetStringUTF16(IDS_PRODUCT_NAME)); + gtk_message_dialog_format_secondary_text(GTK_MESSAGE_DIALOG(dialog), + "%s", + message.c_str()); + + message = l10n_util::GetStringUTF8(IDS_PRODUCT_NAME); + gtk_window_set_title(GTK_WINDOW(dialog), message.c_str()); + + gtk_dialog_run(GTK_DIALOG(dialog)); + gtk_widget_destroy(dialog); + exit(EXIT_FAILURE); + } +} + void BrowserMainPartsGtk::SetupSandbox() { // TODO(evanm): move this into SandboxWrapper; I'm just trying to move this // code en masse out of chrome_main for now. |