0de2390008
commit 347ba11cfe4a49bff6fc29063b49416d90525e52
Author: Fedor Korotkiy <prime@yandex-team.ru>
Date: Sat Feb 8 22:44:26 2020 +0300
Sandboxed test execution.
commit c5c9557dd59c54971a78d424ec118655f6b2005c
Author: Fedor Korotkiy <prime@yandex-team.ru>
Date: Sat Feb 8 21:13:13 2020 +0300
Fix paths used during testing.
commit 1ba21eb0aad08f543c6a99bfd927721207943abb
Author: Fedor Korotkiy <prime@yandex-team.ru>
Date: Sat Feb 8 20:56:32 2020 +0300
Helper for process sandboxing
commit 54f0aa11156c1d2c998a060b60be7af8666d5da4
Author: Fedor Korotkiy <prime@yandex-team.ru>
Date: Sat Feb 8 20:10:56 2020 +0300
Package list helper.
39 lines
548 B
Go
39 lines
548 B
Go
package commands
|
|
|
|
import (
|
|
"log"
|
|
"os/exec"
|
|
"os/user"
|
|
"strconv"
|
|
"syscall"
|
|
)
|
|
|
|
func currentUserIsRoot() bool {
|
|
me, err := user.Current()
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
return me.Uid == "0"
|
|
}
|
|
|
|
func sandbox(cmd *exec.Cmd) error {
|
|
nobody, err := user.Lookup("nobody")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
uid, _ := strconv.Atoi(nobody.Uid)
|
|
gid, _ := strconv.Atoi(nobody.Gid)
|
|
|
|
cmd.SysProcAttr = &syscall.SysProcAttr{
|
|
Credential: &syscall.Credential{
|
|
Uid: uint32(uid),
|
|
Gid: uint32(gid),
|
|
},
|
|
}
|
|
|
|
cmd.Env = []string{}
|
|
|
|
return nil
|
|
}
|