fix: apply security patches for configuration file and local executor

cmd/joj3/conf/conf.go

@@ -13,6 +13,7 @@ import (
 	"path/filepath"
 	"regexp"
 	"strings"
+	"syscall"
 
 	"github.com/go-git/go-git/v5"
 	"github.com/koding/multiconfig"
@@ -183,6 +184,19 @@ func GetConfPath(confRoot, confName, fallbackConfName, msg, tag string) (
 			return confPath, confStat, conventionalCommit, err
 		}
 	}
+	// Check file ownership
+	if stat, ok := confStat.Sys().(*syscall.Stat_t); ok {
+		uid := int(stat.Uid)
+		currentUid := os.Getuid()
+		if uid != 0 && uid != currentUid {
+			err = fmt.Errorf("insecure configuration file: owned by uid %d, expected 0 or %d", uid, currentUid)
+			slog.Error("insecure conf file", "path", confPath, "uid", uid, "expected_uid", currentUid)
+			return confPath, confStat, conventionalCommit, err
+		}
+	} else {
+		slog.Warn("could not determine file ownership, proceeding with caution", "path", confPath)
+	}
+
 	return confPath, confStat, conventionalCommit, err
 }
 

internal/executor/local/meta.go

@@ -3,12 +3,18 @@
 // used for passing run time parameters.
 package local
 
-import "github.com/joint-online-judge/JOJ3/internal/stage"
+import (
+	"os"
+
+	"github.com/joint-online-judge/JOJ3/internal/stage"
+)
 
 var name = "local"
 
 type Local struct{}
 
 func init() {
-	stage.RegisterExecutor(name, &Local{})
+	if os.Getenv("JOJ3_ENABLE_LOCAL_EXECUTOR") == "true" {
+		stage.RegisterExecutor(name, &Local{})
+	}
 }