From a2648f5be3d3e5ddbb777adf58983f817a95e6fe Mon Sep 17 00:00:00 2001 From: unknown Date: Wed, 16 Nov 2022 09:34:25 +0100 Subject: [PATCH] Warn if running as admin/root --- ostools.py | 16 ++++++++++++++++ pesterchum.py | 35 ++++++++++++++++++++++++++++++++++- 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/ostools.py b/ostools.py index 73a3f52..7b94d61 100644 --- a/ostools.py +++ b/ostools.py @@ -1,5 +1,6 @@ import os import sys +import ctypes import platform try: @@ -39,6 +40,21 @@ def osVer(): return " ".join(platform.linux_distribution()) +def isRoot(): + """Return True if running with elevated privileges.""" + # Windows + try: + if isWin32(): + return ctypes.windll.shell32.IsUserAnAdmin() == 1 + except OSError as win_issue: + print(win_issue) + # Unix + if hasattr(os, "getuid"): + return not os.getuid() # 0 if root + # Just assume it's fine otherwise ig + return False + + def validateDataDir(): """Checks if data directory is present""" # Define paths diff --git a/pesterchum.py b/pesterchum.py index da5f18a..10faa5a 100755 --- a/pesterchum.py +++ b/pesterchum.py @@ -1304,7 +1304,6 @@ class PesterWindow(MovingWindow): | QtCore.Qt.WindowType.FramelessWindowHint ), ) - # For debugging _CONSOLE_ENV.PAPP = self # TODO: karxi: SO! At the end of this function it seems like that @@ -1370,6 +1369,10 @@ class PesterWindow(MovingWindow): ) self.theme = self.userprofile.getTheme() + # Silly guy prevention pt. 2 + # We really shouldn't run as root. + self.root_check() + # karxi: For the record, these are set via commandline arguments. By # default, they aren't usable any other way - you can't set them via # the config files. 
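Review bot: In isRoot() the Unix branch tests the real UID (`os.getuid()`), so a process whose effective UID is 0 while its real UID is not (a setuid-root launcher, for instance) is reported as unprivileged; `if hasattr(os, "geteuid"): return os.geteuid() == 0` checks the privilege the process actually holds. On the Windows branch `IsUserAnAdmin() == 1` depends on the BOOL being exactly 1, and `!= 0` is the safer comparison. When the shell32 call raises OSError the function prints the error and falls through to `return False`, so a failed check looks the same as "not elevated"; a comment stating that this fail-open result is intended would help the next reader.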
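Review bot: The `self.root_check()` call sits after `self.theme = self.userprofile.getTheme()`, so whatever start-up has done by then (the profile and theme are already loaded at this point) has run with the elevated privileges before the user is asked. The placement looks forced by root_check() reading `self.theme` for the message-box stylesheet; dropping that styling would let the check run at the top of the constructor, or before the window is built at all. The enclosing method starts and ends outside the hunk, so what precedes the call is inferred rather than visible.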
@@ -1700,6 +1703,36 @@ class PesterWindow(MovingWindow): self.updatemenu = None """ + def root_check(self): + """Raise a warning message box if Pesterchum has admin/root privileges.""" + if ostools.isRoot(): + msgbox = QtWidgets.QMessageBox() + msg = ( + "Running with elevated privileges, " + "this is potentially a security risk." + "\nThere is no valid reason to run Pesterchum as an administrator or as root." + "\n\nQuit?" + ) + msgbox.setWindowTitle("Unnecessary permissions warning") + msgbox.setStyleSheet( + "QMessageBox{ %s }" % self.theme["main/defaultwindow/style"] + ) + msgbox.setInformativeText(msg) + msgbox.setIcon(QtWidgets.QMessageBox.Icon.Warning) + msgbox.setStandardButtons( + QtWidgets.QMessageBox.StandardButton.Yes + | QtWidgets.QMessageBox.StandardButton.No + ) + continue_anyway = msgbox.button(QtWidgets.QMessageBox.StandardButton.No) + continue_anyway.setText( + "I'm a silly little guy and want to continue anyway" + ) + msgbox.setDefaultButton(QtWidgets.QMessageBox.StandardButton.Yes) + ret = msgbox.exec() + if ret == QtWidgets.QMessageBox.StandardButton.Yes: + self.app.quit() # Optional + sys.exit() + @QtCore.pyqtSlot() def checkPing(self): """Check if server is alive on app level,
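Review bot: root_check() exits only when the result equals Yes, so every other way of dismissing the box leaves the client running with elevated privileges; with a Yes/No pair Qt normally maps Escape and the window close button to the No button, which is the "continue anyway" choice here. Making the explicit opt-in the only way to continue, `if ret != QtWidgets.QMessageBox.StandardButton.No:`, or adding `msgbox.setEscapeButton(QtWidgets.QMessageBox.StandardButton.Yes)`, turns quitting into the fallback. `self.app.quit()` and `sys.exit()` assume that `self.app` is already assigned when the constructor reaches the call and that pesterchum.py imports `sys`; neither is visible in this patch. The `# Optional` comment would read better as `# ask Qt to stop first; sys.exit() below ends the process either way`.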