From ca40c190df0271e7bbd76e669f47a2c15f997bee Mon Sep 17 00:00:00 2001
From: xSmurf <xsmurf+github@smurfturf.net>
Date: Tue, 16 Jun 2015 01:05:51 +0000
Subject: [PATCH] Prevent oz-init from being called without root, or manually

---
 oz-init/init.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/oz-init/init.go b/oz-init/init.go
index 3db3017..4d8fd98 100644
--- a/oz-init/init.go
+++ b/oz-init/init.go
@@ -4,6 +4,7 @@ import (
 	"bufio"
 	"fmt"
 	"io"
+	"io/ioutil"
 	"net"
 	"os"
 	"os/exec"
@@ -63,6 +64,17 @@ func Main() {
 
 func parseArgs() *initState {
 	log := createLogger()
+
+	if os.Getuid() != 0 {
+		log.Error("oz-init must run as root\n")
+		os.Exit(1)
+	}
+	pcontents, _ := ioutil.ReadFile("/proc/1/cmdline")
+	if len(pcontents) > 0 {
+		log.Error("What are you doing? Oz-init cannot be launched manually")
+		os.Exit(1)
+	}
+
 	getvar := func(name string) string {
 		val := os.Getenv(name)
 		if val == "" {