X-Git-Url: http://git.hungrycats.org/cgi-bin/gitweb.cgi?p=xscreensaver;a=blobdiff_plain;f=driver%2Fsubprocs.c;h=53dd884e9e56d81e944818fe79ecfd3975db545e;hp=8b6187d9a1b6732cfb17ee13c895e3c570df625c;hb=278c59e14c53fd412b734e699bd4f314f766f804;hpb=551b3de3f619c04c2dd1971ee9b3f02e270c28c9

diff --git a/driver/subprocs.c b/driver/subprocs.c
index 8b6187d9..53dd884e 100644
--- a/driver/subprocs.c
+++ b/driver/subprocs.c
@@ -248,6 +248,17 @@ exec_screenhack (saver_info *si, const char *command)
   Bool hairy_p = !!strpbrk (command, "*?$&!<>[];`'\\\"=");
   /* note: = is in the above because of the sh syntax "FOO=bar cmd". */
 
+  if (getuid() == (uid_t) 0 || geteuid() == (uid_t) 0)
+    {
+      /* If you're thinking of commenting this out, think again.
+         If you do so, you will open a security hole.  Mail jwz
+         so that he may enlighten you as to the error of your ways.
+       */
+      fprintf (stderr, "%s: we're still running as root!  Disaster!\n",
+               blurb());
+      saver_exit (si, 1, 0);
+    }
+
   if (p->verbose_p)
     fprintf (stderr, "%s: spawning \"%s\" in pid %lu%s.\n",
 	     blurb(), command, (unsigned long) getpid (),