[LON-CAPA-cvs] cvs: loncom(version_1_1_X) / lond

albertel lon-capa-cvs@mail.lon-capa.org
Thu, 08 Apr 2004 20:11:12 -0000


albertel		Thu Apr  8 16:11:12 2004 EDT

  Modified files:              (Branch: version_1_1_X)
    /loncom	lond 
  Log:
  
  - backport 1.186
  
  
Index: loncom/lond
diff -u loncom/lond:1.165.2.3 loncom/lond:1.165.2.4
--- loncom/lond:1.165.2.3	Mon Mar  8 15:13:07 2004
+++ loncom/lond	Thu Apr  8 16:11:12 2004
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.165.2.3 2004/03/08 20:13:07 albertel Exp $
+# $Id: lond,v 1.165.2.4 2004/04/08 20:11:12 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -52,7 +52,7 @@
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.165.2.3 $'; #' stupid emacs
+my $VERSION='$Revision: 1.165.2.4 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid;
 my $currentdomainid;
@@ -2856,6 +2856,16 @@
 	}
     } elsif ($umode eq 'unix') {
 	{
+	    #
+	    #  Don't allow the creation of privileged accounts!!! that would
+	    #  be real bad!!!
+	    #
+	    my $uid = getpwnam($uname);
+	    if((defined $uid) && ($uid == 0)) {
+		&logthis(">>>Attempted to create privilged account blocked");
+		return "no_priv_account_error\n";
+	    }
+
 	    my $execpath="$perlvar{'lonDaemons'}/"."lcuseradd";
 	    {
 		&Debug("Executing external: ".$execpath);