Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
sudo-block
Advanced tools
The sudo-block npm package is designed to prevent users from running your Node.js application with superuser (sudo) privileges. This can be useful for security reasons, ensuring that your application does not inadvertently gain elevated permissions.
Preventing sudo execution
This feature prevents the execution of your Node.js application with sudo privileges. By calling `sudoBlock()`, the application will exit with an error message if it detects that it is being run with superuser privileges.
const sudoBlock = require('sudo-block');
sudoBlock();
The is-root package checks if the current process is running as the root user. Unlike sudo-block, it does not prevent execution but simply provides a boolean value indicating whether the process has root privileges. This can be useful for conditional logic based on user permissions.
Block users from running your app with root permissions
npm install sudo-block
import sudoBlock from 'sudo-block';
sudoBlock();
When a file containing this function is run with root permissions it will exit and show an error message telling the user how to fix the problem, so they don't have to run it with sudo
.
Type: string
A custom message.
FAQs
Block users from running your app with root permissions
The npm package sudo-block receives a total of 171,822 weekly downloads. As such, sudo-block popularity was classified as popular.
We found that sudo-block demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.