From 315c9b8849ae7ad764035dc6ceddc0bc35cb0c95 Mon Sep 17 00:00:00 2001
From: Ophestra Umiker <cat@ophivana.moe>
Date: Sun, 13 Oct 2024 20:06:47 +0900
Subject: [PATCH] fortify: refuse to run as root

There is no good reason to run fortify as root and desktop environments typically do not like that either. This check prevents confusion for new users who might mistakenly run it as root or set the setuid bit.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
---
 main.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/main.go b/main.go
index b0558c1..9ccdf0b 100644
--- a/main.go
+++ b/main.go
@@ -38,6 +38,12 @@ func main() {
 	// shim early exit
 	shim.Try()
 
+	// root check
+	if os.Getuid() == 0 {
+		fmt.Println("fortify: this program must not run as root")
+		os.Exit(1)
+	}
+
 	// version/license/template command early exit
 	tryVersion()
 	tryLicense()