fix: apply security patches for configuration file and local executor

2026-03-12 21:41:06 +08:00 · 2026-03-12 21:41:06 +08:00 · 0a2d783dcd
commit 0a2d783dcd
parent 0a5b3bdc71
2 changed files with 22 additions and 2 deletions
--- a/cmd/joj3/conf/conf.go
+++ b/cmd/joj3/conf/conf.go
@ -13,6 +13,7 @@ import (
 	"path/filepath"
 	"regexp"
 	"strings"
+	"syscall"

 	"github.com/go-git/go-git/v5"
 	"github.com/koding/multiconfig"
@ -183,6 +184,19 @@ func GetConfPath(confRoot, confName, fallbackConfName, msg, tag string) (
 			return confPath, confStat, conventionalCommit, err
 		}
 	}
+	// Check file ownership
+	if stat, ok := confStat.Sys().(*syscall.Stat_t); ok {
+		uid := int(stat.Uid)
+		currentUid := os.Getuid()
+		if uid != 0 && uid != currentUid {
+			err = fmt.Errorf("insecure configuration file: owned by uid %d, expected 0 or %d", uid, currentUid)
+			slog.Error("insecure conf file", "path", confPath, "uid", uid, "expected_uid", currentUid)
+			return confPath, confStat, conventionalCommit, err
+		}
+	} else {
+		slog.Warn("could not determine file ownership, proceeding with caution", "path", confPath)
+	}
+
 	return confPath, confStat, conventionalCommit, err
 }

--- a/internal/executor/local/meta.go
+++ b/internal/executor/local/meta.go
@ -3,12 +3,18 @@
 // used for passing run time parameters.
 package local

-import "github.com/joint-online-judge/JOJ3/internal/stage"
+import (
+	"os"
+
+	"github.com/joint-online-judge/JOJ3/internal/stage"
+)

 var name = "local"

 type Local struct{}

 func init() {
+	if os.Getenv("JOJ3_ENABLE_LOCAL_EXECUTOR") == "true" {
 		stage.RegisterExecutor(name, &Local{})
+	}
 }