Commit 15687e27 authored by Till Brehm's avatar Till Brehm
Browse files

Fixed some errors in user check of apache and nginx plugin.

parent 7d9346a9
......@@ -430,7 +430,7 @@ class functions {
$name_blacklist = array('root','ispconfig','vmail','getmail');
if(in_array($username,$name_blacklist)) return false;
if(preg_match('/^[\w\.\-]{0,32}$/', $username) == false) return false;
if(preg_match('/^[a-zA-Z0-9\.\-]{1,32}$/', $username) == false) return false;
if($restrict_names == true && preg_match('/^web\d+$/', $username) == false) return false;
......@@ -443,7 +443,7 @@ class functions {
$name_blacklist = array('root','ispconfig','vmail','getmail');
if(in_array($groupname,$name_blacklist)) return false;
if(preg_match('/^[\w\.\-]{0,32}$/', $groupname) == false) return false;
if(preg_match('/^[a-zA-Z0-9\.\-]{1,32}$/', $groupname) == false) return false;
if($restrict_names == true && preg_match('/^client\d+$/', $groupname) == false) return false;
......
......@@ -1824,7 +1824,7 @@ class system{
$name_blacklist = array('root','ispconfig','vmail','getmail');
if(in_array($username,$name_blacklist)) return false;
if(preg_match('/^[\w\.\-]{0,32}$/', $username) == false) return false;
if(preg_match('/^[a-zA-Z0-9\.\-]{1,32}$/', $username) == false) return false;
if($check_id && intval($this->getuid($username)) < $this->min_uid) return false;
......@@ -1833,18 +1833,18 @@ class system{
return true;
}
public function is_allowed_group($groupname, $restrict_names = false) {
public function is_allowed_group($groupname, $check_id = true, $restrict_names = false) {
global $app;
echo 1;
$name_blacklist = array('root','ispconfig','vmail','getmail');
if(in_array($groupname,$name_blacklist)) return false;
if(preg_match('/^[\w\.\-]{0,32}$/', $groupname) == false) return false;
if(intval($this->getgid($groupname)) < $this->min_gid) return false;
echo 2;
if(preg_match('/^[a-zA-Z0-9\.\-]{1,32}$/', $groupname) == false) return false;
echo 3;
if($check_id && intval($this->getgid($groupname)) < $this->min_gid) return false;
echo 4;
if($restrict_names == true && preg_match('/^client\d+$/', $groupname) == false) return false;
echo 5;
return true;
}
......
......@@ -344,9 +344,9 @@ class apache2_plugin {
if($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') $app->log('document_root not set', LOGLEVEL_WARN);
return 0;
}
if(!$app->system->is_allowed_user($data['new']['system_user'], false, true)
|| !$app->system->is_allowed_group($data['new']['system_group'], false, true)) {
$app->log('Websites cannot be owned by the root user or group.', LOGLEVEL_WARN);
if($app->system->is_allowed_user($data['new']['system_user'], $app->system->is_user($data['new']['system_user']), true) == false
|| $app->system->is_allowed_group($data['new']['system_group'], $app->system->is_group($data['new']['system_group']), true) == false) {
$app->log('Websites cannot be owned by the root user or group. User: '.$data['new']['system_user'].' Group: '.$data['new']['system_group'], LOGLEVEL_WARN);
return 0;
}
if(trim($data['new']['domain']) == '') {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment