From 253e876016e06e801b6951ed105e1374716989ba Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 10 Jun 2008 20:09:34 +0000
Subject: [PATCH] Added a blacklist for not allowed shell user names.

---
 interface/lib/shelluser_blacklist       | 34 +++++++++++++++++++++++++
 interface/web/sites/shell_user_edit.php | 22 ++++++++++++++++
 2 files changed, 56 insertions(+)
 create mode 100644 interface/lib/shelluser_blacklist

diff --git a/interface/lib/shelluser_blacklist b/interface/lib/shelluser_blacklist
new file mode 100644
index 0000000000..c49d825517
--- /dev/null
+++ b/interface/lib/shelluser_blacklist
@@ -0,0 +1,34 @@
+root
+daemon
+bin
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+www-data
+wwwrun
+apache
+backup
+list
+irc
+gnats
+nobody
+Debian-exim
+statd
+identd
+sshd
+mysql
+postgres
+postfix
+clamav
+amavis
+vmail
+getmail
+ispconfig
+courier
+dovecot
\ No newline at end of file
diff --git a/interface/web/sites/shell_user_edit.php b/interface/web/sites/shell_user_edit.php
index 633ef46da5..299d1b0e6b 100644
--- a/interface/web/sites/shell_user_edit.php
+++ b/interface/web/sites/shell_user_edit.php
@@ -72,6 +72,17 @@ class page_action extends tform_actions {
 		parent::onShowNew();
 	}
 	
+	function onBeforeInsert() {
+		global $app, $conf;
+		
+		// check if the username is not blacklisted
+		$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
+		foreach($blacklist as $line) {
+			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
+		}
+		unset($blacklist);
+	}
+	
 	function onAfterInsert() {
 		global $app, $conf;
 		
@@ -86,6 +97,17 @@ class page_action extends tform_actions {
 		
 	}
 	
+	function onBeforeUpdate() {
+		global $app, $conf;
+		
+		// check if the username is not blacklisted
+		$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
+		foreach($blacklist as $line) {
+			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
+		}
+		unset($blacklist);
+	}
+	
 	function onAfterUpdate() {
 		global $app, $conf;
 		
-- 
GitLab