Commit 253e8760 authored by tbrehm's avatar tbrehm
Browse files

Added a blacklist for not allowed shell user names.

parent 525a7316
root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
wwwrun
apache
backup
list
irc
gnats
nobody
Debian-exim
statd
identd
sshd
mysql
postgres
postfix
clamav
amavis
vmail
getmail
ispconfig
courier
dovecot
\ No newline at end of file
......@@ -72,6 +72,17 @@ class page_action extends tform_actions {
parent::onShowNew();
}
function onBeforeInsert() {
global $app, $conf;
// check if the username is not blacklisted
$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
foreach($blacklist as $line) {
if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
}
unset($blacklist);
}
function onAfterInsert() {
global $app, $conf;
......@@ -86,6 +97,17 @@ class page_action extends tform_actions {
}
function onBeforeUpdate() {
global $app, $conf;
// check if the username is not blacklisted
$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
foreach($blacklist as $line) {
if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
}
unset($blacklist);
}
function onAfterUpdate() {
global $app, $conf;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment