Example #1
0
func ensureNoPrivs() error {
	if isRoot() {
		return errors.New("still have non-zero UID or GID")
	}

	err := setuid.Setuid(0)
	if err == nil {
		return errors.New("Can't drop privileges - setuid(0) still succeeded")
	}

	err = setuid.Setgid(0)
	if err == nil {
		return errors.New("Can't drop privileges - setgid(0) still succeeded")
	}

	if caps.HaveAny() {
		return errors.New("Still have some capabilities after attempting to drop them")
	}

	return nil
}
Example #2
0
// Returns true if either or both of the following are true:
//
// Any of the UID, EUID, GID or EGID are zero.
//
// On supported platforms which support capabilities (currently Linux), any
// capabilities are present.
func IsRoot() bool {
	return caps.HaveAny() || isRoot()
}