downgrade-root
Advanced tools
Comparing version 1.2.2 to 2.0.0
36
index.js
@@ -1,21 +0,23 @@ | ||
'use strict'; | ||
var isRoot = require('is-root'); | ||
var defaultUid = require('default-uid'); | ||
import isRoot from 'is-root'; | ||
import defaultUid from 'default-uid'; | ||
module.exports = function () { | ||
if (isRoot()) { | ||
// setgid needs to happen before setuid to avoid EPERM | ||
if (process.setgid) { | ||
var gid = parseInt(process.env.SUDO_GID, 10); | ||
if (gid && gid > 0) { | ||
process.setgid(gid); | ||
} | ||
export default function downgradeRoot() { | ||
if (!isRoot()) { | ||
return; | ||
} | ||
// `setgid`` needs to happen before setuid to avoid EPERM. | ||
if (process.setgid) { | ||
const gid = Number.parseInt(process.env.SUDO_GID, 10); | ||
if (gid && gid > 0) { | ||
process.setgid(gid); | ||
} | ||
if (process.setuid) { | ||
var uid = parseInt(process.env.SUDO_UID, 10) || defaultUid(); | ||
if (uid && uid > 0) { | ||
process.setuid(uid); | ||
} | ||
} | ||
if (process.setuid) { | ||
const uid = Number.parseInt(process.env.SUDO_UID, 10) || defaultUid(); | ||
if (uid && uid > 0) { | ||
process.setuid(uid); | ||
} | ||
} | ||
}; | ||
} |
{ | ||
"name": "downgrade-root", | ||
"version": "1.2.2", | ||
"description": "Try to downgrade the permissions of a process with root privileges", | ||
"license": "MIT", | ||
"repository": "sindresorhus/downgrade-root", | ||
"author": { | ||
"name": "Sindre Sorhus", | ||
"email": "sindresorhus@gmail.com", | ||
"url": "sindresorhus.com" | ||
}, | ||
"engines": { | ||
"node": ">=0.10.0" | ||
}, | ||
"scripts": { | ||
"test": "ava" | ||
}, | ||
"files": [ | ||
"index.js" | ||
], | ||
"keywords": [ | ||
"sudo", | ||
"root", | ||
"user", | ||
"permissions", | ||
"uid", | ||
"block", | ||
"prevent", | ||
"stop", | ||
"downgrade", | ||
"drop", | ||
"privileges" | ||
], | ||
"dependencies": { | ||
"default-uid": "^1.0.0", | ||
"is-root": "^1.0.0" | ||
}, | ||
"devDependencies": { | ||
"ava": "*" | ||
} | ||
"name": "downgrade-root", | ||
"version": "2.0.0", | ||
"description": "Try to downgrade the permissions of a process with root privileges", | ||
"license": "MIT", | ||
"repository": "sindresorhus/downgrade-root", | ||
"funding": "https://github.com/sponsors/sindresorhus", | ||
"author": { | ||
"name": "Sindre Sorhus", | ||
"email": "sindresorhus@gmail.com", | ||
"url": "https://sindresorhus.com" | ||
}, | ||
"type": "module", | ||
"exports": "./index.js", | ||
"engines": { | ||
"node": ">=12" | ||
}, | ||
"scripts": { | ||
"test": "xo && ava" | ||
}, | ||
"files": [ | ||
"index.js" | ||
], | ||
"keywords": [ | ||
"sudo", | ||
"root", | ||
"user", | ||
"permissions", | ||
"uid", | ||
"block", | ||
"prevent", | ||
"stop", | ||
"downgrade", | ||
"drop", | ||
"privileges" | ||
], | ||
"dependencies": { | ||
"default-uid": "^2.0.0", | ||
"is-root": "^3.0.0" | ||
}, | ||
"devDependencies": { | ||
"ava": "^3.15.0", | ||
"xo": "^0.39.1" | ||
} | ||
} |
@@ -1,2 +0,2 @@ | ||
# downgrade-root [![Build Status](https://travis-ci.org/sindresorhus/downgrade-root.svg?branch=master)](https://travis-ci.org/sindresorhus/downgrade-root) | ||
# downgrade-root | ||
@@ -9,18 +9,16 @@ > Try to downgrade the permissions of a process with root privileges | ||
## Install | ||
``` | ||
$ npm install --save downgrade-root | ||
$ npm install downgrade-root | ||
``` | ||
## Usage | ||
```js | ||
var downgradeRoot = require('downgrade-root'); | ||
import downgradeRoot from 'downgrade-root'; | ||
try { | ||
downgradeRoot(); | ||
} catch (err) { | ||
} catch { | ||
console.error('Couldn\'t downgrade permissions'); | ||
@@ -30,10 +28,4 @@ } | ||
## Tip | ||
Useful for [trying to downgrade permission](https://github.com/sindresorhus/root-check) before [blocking](https://github.com/sindresorhus/sudo-block) using your app as root. | ||
## License | ||
MIT © [Sindre Sorhus](http://sindresorhus.com) |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
0
Yes
3067
2
30
+ Addeddefault-uid@2.0.0(transitive)
+ Addedis-root@3.0.0(transitive)
- Removeddefault-uid@1.0.0(transitive)
- Removedis-root@1.0.0(transitive)
Updateddefault-uid@^2.0.0
Updatedis-root@^3.0.0