ctf: do not allow dwarf2ctf to run as root

This is just insanely dangerous: with the addition of the CTF_DEBUGDIR
info it reads almost arbitrary DWARF.  elfutils is not root-rated and
frankly neither is dwarf2ctf, valgrind or no valgrind.  It's just too
complicated to risk that way.

Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
Reviewed-by: Tomas Jedlicka <tomas.jedlicka@oracle.com>
Orabug: 25815362

diff --git a/scripts/dwarf2ctf/dwarf2ctf.c b/scripts/dwarf2ctf/dwarf2ctf.c
index 639198c70363a62da0a19a3c2c1399c32e11b1cd..6b993ad86b6f4c45f2715c0f69ead0a42c58e26b 100644 (file)
--- a/scripts/dwarf2ctf/dwarf2ctf.c
+++ b/scripts/dwarf2ctf/dwarf2ctf.c
@@ -834,6 +834,11 @@ int main(int argc, char *argv[])
 
        trace = getenv("DWARF2CTF_TRACE");
 
+       if (getuid() == 0 || geteuid() == 0) {
+               fprintf(stderr, "dwarf2ctf: run as a regular user, not root.\n");
+               exit(1);
+       }
+
        if ((argc != 4 && argc != 8) ||
            (argc == 4 && strcmp(argv[2], "-e") != 0)) {
                fprintf(stderr, "Syntax: dwarf2ctf output-file srcdir "