Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
sudo-block
Advanced tools
The sudo-block npm package is designed to prevent users from running your Node.js application with superuser (sudo) privileges. This can be useful for security reasons, ensuring that your application does not inadvertently gain elevated permissions.
Preventing sudo execution
This feature prevents the execution of your Node.js application with sudo privileges. By calling `sudoBlock()`, the application will exit with an error message if it detects that it is being run with superuser privileges.
const sudoBlock = require('sudo-block');
sudoBlock();
The is-root package checks if the current process is running as the root user. Unlike sudo-block, it does not prevent execution but simply provides a boolean value indicating whether the process has root privileges. This can be useful for conditional logic based on user permissions.
Block users from running your tool with root permissions.
Install with npm: npm install --save sudo-block
var sudoBlock = require('sudo-block');
sudoBlock('my-module');
When the above file is ran with root permissions it will exit and show an error message telling the user how to fix the problem so they don't have to run it with sudo
.
Options is either a string specifying the package name or an object with these keys:
packageName
: name of the package the error message is printed formessage
: a custom error messageBoolean indicating whether the current user is root
.
MIT License • © Sindre Sorhus
FAQs
Block users from running your app with root permissions
The npm package sudo-block receives a total of 171,822 weekly downloads. As such, sudo-block popularity was classified as popular.
We found that sudo-block demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.